1e1789f6d1
This change allows configuration of the http and https listeners used by the supervisor. TCP (IPv4 and IPv6 with any interface and port) and Unix domain socket based listeners are supported. Listeners may also be disabled. Binding the http listener to TCP addresses other than 127.0.0.1 or ::1 is deprecated. The deployment now uses https health checks. The supervisor is always able to complete a TLS connection with the use of a bootstrap certificate that is signed by an in-memory certificate authority. To support sidecar containers used by service meshes, Unix domain socket based listeners include ACLs that allow writes to the socket file from any runAsUser specified in the pod's containers. Signed-off-by: Monis Khan <mok@vmware.com>
193 lines
9.9 KiB
Modula-2
193 lines
9.9 KiB
Modula-2
module go.pinniped.dev
|
|
|
|
go 1.17
|
|
|
|
// Unfortuntely, having any indirect dependency on github.com/oleiade/reflections@v1.0.0
|
|
// seems to cause Dependabot to stop scanning our dependencies due to a checksum error for the package.
|
|
// The cause of the checksum error is described in https://github.com/oleiade/reflections/issues/14.
|
|
//
|
|
// According to `go mod graph`, this dependency is (currently) coming from:
|
|
// go.pinniped.dev -> github.com/ory/x@v0.0.212 -> github.com/ory/analytics-go/v4@v4.0.0 -> github.com/ory/x@v0.0.110 -> github.com/ory/fosite@v0.29.0 -> github.com/oleiade/reflections@v1.0.0
|
|
// So the issue is that older versions of ory/x had a direct dependency on an old version of Fosite.
|
|
// Newer versions of ory/x do not depend on fosite anymore. We can use a replace directive until none
|
|
// of our indirect dependencies pull in any old versions of ory/x anymore.
|
|
//
|
|
// Whenever we upgrade fosite and ory/x, we can try removing this replace directive and running
|
|
// `go mod tidy` to see if github.com/oleiade/reflections@v1.0.0 still appears in our go.sum.
|
|
// As long as it does, we probably need to keep this replace directive.
|
|
replace github.com/oleiade/reflections => github.com/oleiade/reflections v1.0.1
|
|
|
|
// bumping github.com/ory/x to higher than v0.0.297 breaks k8s.io/apiserver via go.opentelemetry.io/otel/semconv
|
|
// force the use of an old version for now as it seems to allow a newer ory/x without breaking the apiserver lib.
|
|
// all go.opentelemetry.io replace directives are copied from:
|
|
// https://github.com/kubernetes/kubernetes/blob/3bce0502aac87f9907af0ef19df5935632ceafdf/go.mod#L432-L443
|
|
replace (
|
|
go.opentelemetry.io/contrib => go.opentelemetry.io/contrib v0.20.0
|
|
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc => go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0
|
|
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp => go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0
|
|
go.opentelemetry.io/otel => go.opentelemetry.io/otel v0.20.0
|
|
go.opentelemetry.io/otel/exporters/otlp => go.opentelemetry.io/otel/exporters/otlp v0.20.0
|
|
go.opentelemetry.io/otel/metric => go.opentelemetry.io/otel/metric v0.20.0
|
|
go.opentelemetry.io/otel/oteltest => go.opentelemetry.io/otel/oteltest v0.20.0
|
|
go.opentelemetry.io/otel/sdk => go.opentelemetry.io/otel/sdk v0.20.0
|
|
go.opentelemetry.io/otel/sdk/export/metric => go.opentelemetry.io/otel/sdk/export/metric v0.20.0
|
|
go.opentelemetry.io/otel/sdk/metric => go.opentelemetry.io/otel/sdk/metric v0.20.0
|
|
go.opentelemetry.io/otel/trace => go.opentelemetry.io/otel/trace v0.20.0
|
|
go.opentelemetry.io/proto/otlp => go.opentelemetry.io/proto/otlp v0.7.0
|
|
)
|
|
|
|
require (
|
|
github.com/MakeNowJust/heredoc/v2 v2.0.1
|
|
github.com/coreos/go-oidc/v3 v3.1.0
|
|
github.com/creack/pty v1.1.17
|
|
github.com/davecgh/go-spew v1.1.1
|
|
github.com/felixge/httpsnoop v1.0.2
|
|
github.com/go-ldap/ldap/v3 v3.4.1
|
|
github.com/go-logr/logr v1.2.2
|
|
github.com/go-logr/stdr v1.2.2
|
|
github.com/gofrs/flock v0.8.1
|
|
github.com/golang/mock v1.6.0
|
|
github.com/google/go-cmp v0.5.6
|
|
github.com/google/gofuzz v1.2.0
|
|
github.com/google/uuid v1.3.0
|
|
github.com/gorilla/securecookie v1.1.1
|
|
github.com/gorilla/websocket v1.4.2
|
|
github.com/joshlf/go-acl v0.0.0-20200411065538-eae00ae38531
|
|
github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826
|
|
github.com/ory/fosite v0.41.0
|
|
github.com/ory/x v0.0.331
|
|
github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8
|
|
github.com/pkg/errors v0.9.1
|
|
github.com/sclevine/agouti v3.0.0+incompatible
|
|
github.com/sclevine/spec v1.4.0
|
|
github.com/spf13/cobra v1.3.0
|
|
github.com/spf13/pflag v1.0.5
|
|
github.com/stretchr/testify v1.7.0
|
|
github.com/tdewolff/minify/v2 v2.9.26
|
|
go.uber.org/atomic v1.9.0
|
|
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3
|
|
golang.org/x/net v0.0.0-20211216030914-fe4d6282115f
|
|
golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8
|
|
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
|
|
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
|
|
golang.org/x/text v0.3.7
|
|
gopkg.in/square/go-jose.v2 v2.6.0
|
|
k8s.io/api v0.23.1
|
|
k8s.io/apiextensions-apiserver v0.23.1
|
|
k8s.io/apimachinery v0.23.1
|
|
k8s.io/apiserver v0.23.1
|
|
k8s.io/client-go v0.23.1
|
|
k8s.io/component-base v0.23.1
|
|
k8s.io/gengo v0.0.0-20211129171323-c02415ce4185
|
|
k8s.io/klog/v2 v2.40.1
|
|
k8s.io/kube-aggregator v0.23.1
|
|
k8s.io/utils v0.0.0-20211208161948-7d6a63dca704
|
|
sigs.k8s.io/yaml v1.3.0
|
|
)
|
|
|
|
require (
|
|
cloud.google.com/go v0.99.0 // indirect
|
|
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
|
|
github.com/Azure/go-autorest/autorest v0.11.23 // indirect
|
|
github.com/Azure/go-autorest/autorest/adal v0.9.18 // indirect
|
|
github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
|
|
github.com/Azure/go-autorest/logger v0.2.1 // indirect
|
|
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
|
|
github.com/Azure/go-ntlmssp v0.0.0-20211209120228-48547f28849e // indirect
|
|
github.com/NYTimes/gziphandler v1.1.1 // indirect
|
|
github.com/PuerkitoBio/purell v1.1.1 // indirect
|
|
github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
|
|
github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect
|
|
github.com/beorn7/perks v1.0.1 // indirect
|
|
github.com/blang/semver v3.5.1+incompatible // indirect
|
|
github.com/cespare/xxhash/v2 v2.1.2 // indirect
|
|
github.com/coreos/go-oidc v2.2.1+incompatible // indirect
|
|
github.com/coreos/go-semver v0.3.0 // indirect
|
|
github.com/coreos/go-systemd/v22 v22.3.2 // indirect
|
|
github.com/cpuguy83/go-md2man/v2 v2.0.1 // indirect
|
|
github.com/dgraph-io/ristretto v0.1.0 // indirect
|
|
github.com/dustin/go-humanize v1.0.0 // indirect
|
|
github.com/emicklei/go-restful v2.15.0+incompatible // indirect
|
|
github.com/evanphx/json-patch v5.6.0+incompatible // indirect
|
|
github.com/form3tech-oss/jwt-go v3.2.5+incompatible // indirect
|
|
github.com/fsnotify/fsnotify v1.5.1 // indirect
|
|
github.com/go-asn1-ber/asn1-ber v1.5.3 // indirect
|
|
github.com/go-openapi/jsonpointer v0.19.5 // indirect
|
|
github.com/go-openapi/jsonreference v0.19.6 // indirect
|
|
github.com/go-openapi/swag v0.19.15 // indirect
|
|
github.com/gogo/protobuf v1.3.2 // indirect
|
|
github.com/golang-jwt/jwt/v4 v4.2.0 // indirect
|
|
github.com/golang/glog v1.0.0 // indirect
|
|
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
|
|
github.com/golang/protobuf v1.5.2 // indirect
|
|
github.com/googleapis/gnostic v0.5.5 // indirect
|
|
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect
|
|
github.com/grpc-ecosystem/grpc-gateway v1.16.0 // indirect
|
|
github.com/hashicorp/hcl v1.0.0 // indirect
|
|
github.com/imdario/mergo v0.3.12 // indirect
|
|
github.com/inconshreveable/mousetrap v1.0.0 // indirect
|
|
github.com/josharian/intern v1.0.0 // indirect
|
|
github.com/joshlf/testutil v0.0.0-20170608050642-b5d8aa79d93d // indirect
|
|
github.com/json-iterator/go v1.1.12 // indirect
|
|
github.com/magiconair/properties v1.8.5 // indirect
|
|
github.com/mailru/easyjson v0.7.7 // indirect
|
|
github.com/mattn/goveralls v0.0.11 // indirect
|
|
github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
|
|
github.com/mitchellh/mapstructure v1.4.3 // indirect
|
|
github.com/moby/spdystream v0.2.0 // indirect
|
|
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
|
|
github.com/modern-go/reflect2 v1.0.2 // indirect
|
|
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
|
|
github.com/ory/go-acc v0.2.6 // indirect
|
|
github.com/ory/go-convenience v0.1.0 // indirect
|
|
github.com/ory/viper v1.7.5 // indirect
|
|
github.com/pborman/uuid v1.2.1 // indirect
|
|
github.com/pelletier/go-toml v1.9.4 // indirect
|
|
github.com/pmezard/go-difflib v1.0.0 // indirect
|
|
github.com/pquerna/cachecontrol v0.1.0 // indirect
|
|
github.com/prometheus/client_golang v1.11.0 // indirect
|
|
github.com/prometheus/client_model v0.2.0 // indirect
|
|
github.com/prometheus/common v0.32.1 // indirect
|
|
github.com/prometheus/procfs v0.7.3 // indirect
|
|
github.com/russross/blackfriday/v2 v2.1.0 // indirect
|
|
github.com/spf13/afero v1.7.1 // indirect
|
|
github.com/spf13/cast v1.4.1 // indirect
|
|
github.com/spf13/jwalterweatherman v1.1.0 // indirect
|
|
github.com/subosito/gotenv v1.2.0 // indirect
|
|
github.com/tdewolff/parse/v2 v2.5.26 // indirect
|
|
go.etcd.io/etcd/api/v3 v3.5.1 // indirect
|
|
go.etcd.io/etcd/client/pkg/v3 v3.5.1 // indirect
|
|
go.etcd.io/etcd/client/v3 v3.5.1 // indirect
|
|
go.opentelemetry.io/contrib v0.20.0 // indirect
|
|
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0 // indirect
|
|
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0 // indirect
|
|
go.opentelemetry.io/otel v1.2.0 // indirect
|
|
go.opentelemetry.io/otel/exporters/otlp v0.20.0 // indirect
|
|
go.opentelemetry.io/otel/metric v0.20.0 // indirect
|
|
go.opentelemetry.io/otel/sdk v1.2.0 // indirect
|
|
go.opentelemetry.io/otel/sdk/export/metric v0.20.0 // indirect
|
|
go.opentelemetry.io/otel/sdk/metric v0.20.0 // indirect
|
|
go.opentelemetry.io/otel/trace v1.2.0 // indirect
|
|
go.opentelemetry.io/proto/otlp v0.10.0 // indirect
|
|
go.uber.org/multierr v1.7.0 // indirect
|
|
go.uber.org/zap v1.19.1 // indirect
|
|
golang.org/x/mod v0.5.1 // indirect
|
|
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e // indirect
|
|
golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11 // indirect
|
|
golang.org/x/tools v0.1.8 // indirect
|
|
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
|
|
google.golang.org/appengine v1.6.7 // indirect
|
|
google.golang.org/genproto v0.0.0-20211223182754-3ac035c7e7cb // indirect
|
|
google.golang.org/grpc v1.43.0 // indirect
|
|
google.golang.org/protobuf v1.27.1 // indirect
|
|
gopkg.in/inf.v0 v0.9.1 // indirect
|
|
gopkg.in/ini.v1 v1.66.2 // indirect
|
|
gopkg.in/natefinch/lumberjack.v2 v2.0.0 // indirect
|
|
gopkg.in/yaml.v2 v2.4.0 // indirect
|
|
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
|
|
k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65 // indirect
|
|
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.27 // indirect
|
|
sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 // indirect
|
|
sigs.k8s.io/structured-merge-diff/v4 v4.2.0 // indirect
|
|
)
|