From 80edd38ea453563bb0f46986424afb28a4a36835 Mon Sep 17 00:00:00 2001 From: irenarindos Date: Wed, 25 Sep 2024 18:16:57 +0000 Subject: [PATCH] backport of commit 7b088a7982686418f4c050f1bad5aaf1a013104e --- .github/workflows/backport.yml | 20 +- .github/workflows/enos-run.yml | 2 +- .github/workflows/jira.yml | 2 +- .github/workflows/test-race.yml | 4 +- .github/workflows/test.yml | 4 +- .go-version | 2 +- .../linux/package/etc/boundary.d/worker.hcl | 2 +- .semgrep/event-with-info-msg.yaml | 13 - CHANGELOG.md | 6 - Makefile | 2 +- api/client_test.go | 8 +- api/go.mod | 4 +- api/proxy/proxy_test.go | 3 - enos/README.md | 101 +++---- enos/ci/hcp-resources/.gitignore | 1 - enos/ci/hcp-resources/README.md | 41 --- enos/ci/hcp-resources/main.tf | 141 ---------- enos/ci/hcp-resources/outputs.tf | 44 --- enos/ci/hcp-resources/variables.tf | 45 ---- .../modules/aws_boundary/templates/worker.hcl | 2 +- .../aws_boundary/templates/worker_bsr.hcl | 2 +- go.mod | 24 +- go.sum | 44 +-- .../repository_auth_method_update_test.go | 12 +- internal/bsr/ssh/chunk_decode_test.go | 165 ------------ .../internal/daemon/options_test.go | 4 +- internal/cmd/base/base.go | 40 ++- internal/cmd/base/server_test.go | 64 +---- internal/cmd/base/servers.go | 10 - .../cmd/commands/clientagentcmd/addtoken.go | 4 +- .../cmd/commands/clientagentcmd/status.go | 1 - .../clientagentcmd/wrapper_register.go | 10 +- internal/cmd/commands/server/server.go | 3 + internal/cmd/commands/targetscmd/funcs.go | 3 - internal/cmd/config/config.go | 35 ++- internal/cmd/config/config_load_test.go | 4 + internal/cmd/config/config_test.go | 252 +++--------------- internal/cmd/main.go | 2 +- internal/cmd/ops/server_test.go | 18 +- internal/daemon/controller/auth/auth.go | 16 -- internal/daemon/controller/auth/option.go | 8 - .../daemon/controller/auth/options_test.go | 2 - internal/daemon/controller/auth/testing.go | 1 - internal/daemon/controller/gateway.go | 1 - internal/daemon/controller/gateway_test.go | 32 --- internal/daemon/controller/handler.go | 20 +- internal/daemon/controller/handler_test.go | 43 --- .../authmethods/authmethod_service.go | 7 +- .../controller/handlers/authmethods/ldap.go | 23 +- .../handlers/authmethods/ldap_test.go | 71 +---- .../controller/handlers/authmethods/oidc.go | 2 +- .../handlers/authmethods/password.go | 15 +- .../handlers/authmethods/password_test.go | 19 +- internal/daemon/controller/interceptor.go | 3 +- internal/daemon/controller/testing.go | 2 +- internal/daemon/worker/status.go | 2 +- internal/daemon/worker/worker.go | 2 +- internal/db/sqltest/Makefile | 1 - .../tests/history/static_host_ipv6.sql | 42 --- .../sqltest/tests/host/static_host_ipv6.sql | 42 --- internal/db/sqltest/tests/server/ipv6.sql | 76 ------ .../tests/session/session_connection_ipv6.sql | 73 ----- .../tests/wh/session_connection/ipv6.sql | 61 ----- .../event/cloudevents_formatter_node_test.go | 8 +- internal/gen/controller.swagger.json | 2 +- internal/gen/controller/auth/auth.pb.go | 25 +- internal/host/plugin/job_set_sync_test.go | 10 +- internal/host/plugin/repository_host_test.go | 2 +- internal/host/plugin/testing.go | 24 +- internal/host/static/repository_host_test.go | 66 +---- internal/proto/controller/auth/v1/auth.proto | 3 - internal/ratelimit/handler_test.go | 32 +-- internal/server/options.go | 2 +- internal/server/options_test.go | 3 +- internal/server/repository_controller_test.go | 20 +- internal/server/repository_worker_test.go | 66 ----- internal/session/session_connect_with_test.go | 13 +- internal/session/session_test.go | 31 +-- .../target/tcp/repository_tcp_target_test.go | 66 +---- internal/tests/api/targets/target_test.go | 22 +- .../tests/cluster/session_cleanup_test.go | 6 +- .../tests/cluster/x509_verification_test.go | 10 - plugins/boundary/mains/aws/go.mod | 4 +- plugins/boundary/mains/azure/go.mod | 2 +- plugins/boundary/mains/azure/go.sum | 28 -- plugins/boundary/mains/minio/go.mod | 2 +- plugins/kms/mains/alicloudkms/go.mod | 2 +- plugins/kms/mains/alicloudkms/go.sum | 6 - plugins/kms/mains/awskms/go.mod | 2 +- plugins/kms/mains/awskms/go.sum | 4 - plugins/kms/mains/azurekeyvault/go.mod | 2 +- plugins/kms/mains/azurekeyvault/go.sum | 8 - plugins/kms/mains/gcpckms/go.mod | 2 +- plugins/kms/mains/gcpckms/go.sum | 7 - plugins/kms/mains/ocikms/go.mod | 2 +- plugins/kms/mains/ocikms/go.sum | 7 - plugins/kms/mains/transit/go.mod | 2 +- plugins/kms/mains/transit/go.sum | 7 - scan.hcl | 2 +- sdk/go.mod | 4 +- sdk/testutil/free_port_test.go | 2 +- .../target_tcp_connect_authz_token_test.go | 29 +- version/VERSION | 2 +- 103 files changed, 298 insertions(+), 1947 deletions(-) delete mode 100644 .semgrep/event-with-info-msg.yaml delete mode 100644 enos/ci/hcp-resources/.gitignore delete mode 100644 enos/ci/hcp-resources/README.md delete mode 100644 enos/ci/hcp-resources/main.tf delete mode 100644 enos/ci/hcp-resources/outputs.tf delete mode 100644 enos/ci/hcp-resources/variables.tf delete mode 100644 internal/db/sqltest/tests/history/static_host_ipv6.sql delete mode 100644 internal/db/sqltest/tests/host/static_host_ipv6.sql delete mode 100644 internal/db/sqltest/tests/server/ipv6.sql delete mode 100644 internal/db/sqltest/tests/session/session_connection_ipv6.sql delete mode 100644 internal/db/sqltest/tests/wh/session_connection/ipv6.sql diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index 02466877cd..611ca008dc 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -14,26 +14,8 @@ jobs: backport: if: github.event.pull_request.merged runs-on: ${{ fromJSON(vars.RUNNER) }} - container: hashicorpdev/backport-assistant:0.5.1 + container: hashicorpdev/backport-assistant:0.2.3 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - with: - fetch-depth: 0 # Fetch all branches and tags - - name: Check if any migrations have changed - run: | - if git diff --exit-code --name-only "origin/${{ github.event.pull_request.base.ref }}"...HEAD -- internal/db/schema/migrations; then - echo "No migrations have changed, continuing with backport" - else - # Post comment on PR. - echo "Posting new backport-failure GitHub comment under PR #${{ github.event.pull_request.number }}" - curl -sX POST \ - -H "Accept: application/vnd.github+json" \ - -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ - -d '{"body": "Backport Assistant: you attempted to automatically backport changes in this PR, but because it contained changes to migration files, this was rejected. Please carefully manually backport the changes."}' \ - "$GITHUB_API_URL/repos/$GITHUB_REPOSITORY/issues/${{ github.event.pull_request.number }}/comments" - echo "Migrations have changed, refusing to backport. Please carefully manually backport the changes." - exit 1 - fi - name: Backport changes to stable-website run: | backport-assistant backport -automerge diff --git a/.github/workflows/enos-run.yml b/.github/workflows/enos-run.yml index 65aae3851a..c327a12efc 100644 --- a/.github/workflows/enos-run.yml +++ b/.github/workflows/enos-run.yml @@ -119,7 +119,7 @@ jobs: key: ${{ needs.setup.outputs.go-cache-key }} restore-keys: | ${{ runner.os }}-go - fail-on-cache-miss: false + fail-on-cache-miss: true - name: Set up Terraform uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 # TSCCR: loading action configs: failed to query HEAD reference: failed to get advertised references: authorization failed with: diff --git a/.github/workflows/jira.yml b/.github/workflows/jira.yml index a06dc6ae50..6978edf96d 100644 --- a/.github/workflows/jira.yml +++ b/.github/workflows/jira.yml @@ -22,7 +22,7 @@ jobs: id: boundary-team-role run: | TEAM=boundary - ROLE="$(gh api orgs/hashicorp/teams/${TEAM}/memberships/${{ github.actor }} | jq -r '.role | select(.!=null)')" + ROLE="$(hub api orgs/hashicorp/teams/${TEAM}/memberships/${{ github.actor }} | jq -r '.role | select(.!=null)')" if [[ -n ${ROLE} ]]; then echo "Actor ${{ github.actor }} is a ${TEAM} team member, skipping ticket creation" else diff --git a/.github/workflows/test-race.yml b/.github/workflows/test-race.yml index 3ca39bcc52..a362a8516e 100644 --- a/.github/workflows/test-race.yml +++ b/.github/workflows/test-race.yml @@ -109,7 +109,7 @@ jobs: key: ${{ needs.setup.outputs.go-cache-key }} restore-keys: | ${{ runner.os }}-go - fail-on-cache-miss: false + fail-on-cache-miss: true - name: Test ${{ matrix.module }} Module run: | make test-${{ matrix.module }} @@ -141,7 +141,7 @@ jobs: key: ${{ needs.setup.outputs.go-cache-key }} restore-keys: | ${{ runner.os }}-go - fail-on-cache-miss: false + fail-on-cache-miss: true - name: Set up plugin cache id: plugin-cache uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 41b4bedbae..c7d70a42da 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -109,7 +109,7 @@ jobs: key: ${{ needs.setup.outputs.go-cache-key }} restore-keys: | ${{ runner.os }}-go - fail-on-cache-miss: false + fail-on-cache-miss: true - name: Test ${{ matrix.module }} Module run: | make test-${{ matrix.module }} @@ -141,7 +141,7 @@ jobs: key: ${{ needs.setup.outputs.go-cache-key }} restore-keys: | ${{ runner.os }}-go - fail-on-cache-miss: false + fail-on-cache-miss: true - name: Set up plugin cache id: plugin-cache uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 diff --git a/.go-version b/.go-version index 49e0a31d49..da9594fd66 100644 --- a/.go-version +++ b/.go-version @@ -1 +1 @@ -1.23.1 +1.22.5 diff --git a/.release/linux/package/etc/boundary.d/worker.hcl b/.release/linux/package/etc/boundary.d/worker.hcl index 28a0ce3259..5ac07e935a 100644 --- a/.release/linux/package/etc/boundary.d/worker.hcl +++ b/.release/linux/package/etc/boundary.d/worker.hcl @@ -13,7 +13,7 @@ # description = "A default worker created demonstration" # # Workers must be able to reach controllers on :9201 -# initial_upstreams = [ +# controllers = [ # "10.0.0.1", # "10.0.0.2", # "10.0.0.3", diff --git a/.semgrep/event-with-info-msg.yaml b/.semgrep/event-with-info-msg.yaml deleted file mode 100644 index af1c32291c..0000000000 --- a/.semgrep/event-with-info-msg.yaml +++ /dev/null @@ -1,13 +0,0 @@ -# Copyright (c) HashiCorp, Inc. -# SPDX-License-Identifier: BUSL-1.1 - -rules: - - id: with-info-msg-string-interpolation - languages: - - go - severity: ERROR - message: Use of WithInfoMsg with string interpolation. WithInfoMsg expects kv - tuples. - # Source for Go string interpolation verbs: - # https://pkg.go.dev/fmt#hdr-Printing. - pattern: event.WithInfoMsg("=~/.*%(((\[\d+\])|[\d|\.|#|+|\-| |\*])*)?[s|v|q|d|T|t|b|c|o|O|x|X|U|e|E|f|F|g|G|p].*/",...) diff --git a/CHANGELOG.md b/CHANGELOG.md index 940c5c7e0c..97f0fbab0b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,9 +4,6 @@ Canonical reference for changes, improvements, and bugfixes for Boundary. ## Next -* Remove deprecated `controllers` field from the worker config, which was deprecated in 0.9.0 for -`initial_upstreams`([PR](https://github.com/hashicorp/boundary/pull/5125)) - ## 0.17.2 (Unreleased) ### Changes @@ -84,9 +81,6 @@ object store. There are two SBC types, managed secret and environmental. ([PR](https://github.com/hashicorp/boundary-ui/pull/2388)) * ui: Add API tags support for workers and improve worker filtering for targets ([PR](https://github.com/hashicorp/boundary-ui/pull/2393)) -* Updated grpc to 1.61.1([PR](https://github.com/hashicorp/boundary/pull/4983)) - -### Bug Fixes ## 0.16.2 (2024/06/10) diff --git a/Makefile b/Makefile index 110e9ee284..0b8cc835a8 100644 --- a/Makefile +++ b/Makefile @@ -37,7 +37,7 @@ golangci-lint: if [ "$(GOLINT_INSTALLED)" = "" ]; then \ curl -sSfL \ - https://raw.githubusercontent.com/golangci/golangci-lint/9a8a056e9fe49c0e9ed2287aedce1022c79a115b/install.sh | sh -s -- -b $(GO_PATH)/bin v1.60.3; \ + https://raw.githubusercontent.com/golangci/golangci-lint/9a8a056e9fe49c0e9ed2287aedce1022c79a115b/install.sh | sh -s -- -b $(GO_PATH)/bin v1.55.2; \ fi; .PHONY: cleangen diff --git a/api/client_test.go b/api/client_test.go index 757aef94b0..2e8bea6c7f 100644 --- a/api/client_test.go +++ b/api/client_test.go @@ -23,17 +23,11 @@ func TestConfigSetAddress(t *testing.T) { tests := []test{ { - "ipv4", + "bare", "http://127.0.0.1:9200", "http://127.0.0.1:9200", "", }, - { - "ipv6", - "http://[::1]:9200", - "http://[::1]:9200", - "", - }, { "bare with version", "http://127.0.0.1:9200/v1", diff --git a/api/go.mod b/api/go.mod index ce20c34df6..7f70d44a16 100644 --- a/api/go.mod +++ b/api/go.mod @@ -1,6 +1,8 @@ module github.com/hashicorp/boundary/api -go 1.23.1 +go 1.21 + +toolchain go1.21.5 require ( github.com/hashicorp/boundary/sdk v0.0.48 diff --git a/api/proxy/proxy_test.go b/api/proxy/proxy_test.go index e5a177f3f3..6bcebb0a28 100644 --- a/api/proxy/proxy_test.go +++ b/api/proxy/proxy_test.go @@ -169,9 +169,6 @@ func testSessionAuth(t *testing.T) *targets.SessionAuthorizationData { { Address: "localhost:9202", }, - { - Address: "[::1]:9201", - }, }, } diff --git a/enos/README.md b/enos/README.md index 476e651ddf..bda267d871 100644 --- a/enos/README.md +++ b/enos/README.md @@ -8,82 +8,67 @@ the results of the `build` workflow, scenarios are executable from a developer machine that has the requisite dependencies and configuration. Refer to the [enos documentation](https://github.com/hashicorp/Enos-Docs) -for further information regarding installation, execution, or composing Enos scenarios. - -## Setup -* Terraform >= 1.0 -* Vault >= 1.12.2 -* Enos >= v0.0.28 -* Doormat -```shell -brew tap hashicorp/tap -brew install hashicorp/tap/vault -brew install hashicorp/tap/terraform -brew install hashicorp/tap/enos -brew install coreutils - -# Install doormat cli -brew tap hashicorp/security git@github.com:hashicorp/homebrew-security.git -brew install hashicorp/security/doormat-cli -``` +for further information regarding installation, execution or composing Enos scenarios. +## Requirements * AWS access. HashiCorp Boundary developers should use Doormat. +* Terraform >= 1.0 +* Enos >= v0.0.28 (`brew tap hashicorp/tap && brew update && brew install hashicorp/tap/enos`) * An SSH keypair in the AWS region you wish to run the scenario. You can use doormat to login to the AWS console to create or upload an existing keypair. -```shell -# Create a SSH Key Pair -ssh-keygen -t ed25519 -C "your_email@example.com" - -# -# Go to the console for the corresponding AWS account -# Select the desired AWS region on the top-right -# Go to EC2 -> Key Pairs -> Actions -> Import Key Pair -> Import public key file (.pub) -# Note the name of the key pair -``` -* Boundary CLI installed locally +* Boundary installed locally. `make install` will put it in `$GOPATH/bin`, which + you can use with the `local_boundary_dir` variable, e.g. + `local_boundary_dir = /Users//.go/bin`. -### Enos Variables +## Scenarios Variables In CI, each scenario is executed via Github Actions and has been configured using environment variable inputs that follow the `ENOS_VAR_varname` pattern. For local execution you can specify all the required variables using environment variables, or you can update `enos.vars.hcl` with values and uncomment the lines. +Variables that are required: +- `aws_ssh_private_key_path` +- `aws_ssh_keypair_name` +- `enos_user` +- `local_boundary_dir` + If you want to use the `builder:crt` variant to simulate execution in CI you'll also need to specify `crt_bundle_path` to a local boundary install bundle. -See [enos.vars.hcl](./enos.vars.hcl) for complete descriptions of each variable. +If you want to modify which port the ALB listens on to proxy controller API +requests, you can specify the `alb_listener_api_port`. -You can either modify `enos.vars.hcl` directly or create your own copy at -`enos-local.vars.hcl` which gets ignored by git. +See [enos.vars.hcl](./enos.vars.hcl) for complete descriptions of each variable. ## Executing Scenarios From the `enos` directory: ```bash -# List all available scenarios. Scenarios can be found in enos/enos-scenario* +# list all available scenarios enos scenario list - -# Launch an individual scenario but leave infrastructure up after execution -enos scenario launch e2e_aws builder:local - -# Explicitly destroy all existing infrastructure -enos scenario destroy integration builder:local +# run the cli_ui scenario with an artifact that is built locally. Make sure +# the local machine has been configured for the cli_ui scenario as detailed in +# the requirements section. This will execute the scenario and clean up any +# resources if successful. +enos scenario run integration builder:local test:cli_ui +# launch an individual scenario but leave infrastructure up after execution +enos scenario launch integration builder:local test:cli_ui +# check an individual scenario for validity. This is useful during scenario +# authoring and debugging. +enos scenario validate integration builder:local test:cli_ui +# if you've run the tests and need to outputs, such as the URL or credentials, +# you can run the output command to see them. Please note that after "run" or +# destroy there will be no "outputs" as the infrastructure will have been +# destroyed. +enos scenario output integration builder:local test:cli_ui +# explicitly destroy all existing infrastructure +enos scenario destroy integration builder:local test:cli_ui ``` Refer to the [enos documentation](https://github.com/hashicorp/Enos-Docs) for further information regarding installation, execution or composing scenarios. -To get information about the environment that was created... -```shell -# Scenarios that start with `e2e` can get environment information using a script. It can be helpful to set some aliases in your shell profile -alias enosenv="source <(. ${BOUNDARY_REPO}/enos/scripts/test_e2e_env.sh); . ${BOUNDARY_REPO}/enos/scripts/test_e2e_env.sh" -alias enosenvent="source <(. ${BOUNDARY_ENTEPRISE_REPO}/enos/scripts/test_e2e_env.sh); . ${BOUNDARY_ENTEPRISE_REPO}/enos/scripts/test_e2e_env.sh" - -# Some scenarios don't start with `e2e` can get environment information using an enos command -enos scenario output hcp_session_recording builder:local -``` - # Scenarios ## Infrastructure Integration @@ -109,6 +94,22 @@ you could test that version against the cluster by setting `local_boundary_dir` The `builder:local` variant will build an install bundle as part of the scenario and copy it to each worker and controller node. This allows you to execute the scenario using an artifact of the current branch. + * `test:smoke` + The `test:smoke` variant runs a basic smoke test. It first provisions one + or more "target" nodes that don't have access on port 22. It then creates a + test catalog and host set and adds each of the "target" node(s) as + hosts/targets. It then SSH's to the target using `boundary` to verify that + it is able. + * `test:cli_ui` + The `test:cli_ui` variant creates implied dependencies for the Bats CLI UI tests + in the Boundary cluster and then executes the Bats CLI UI tests against it. This + scenario requires the machine executing `enos` to be configured for the Bats + tests as described in the Requirements section. + +## End-to-end tests + +Scenarios with `e2e_` invoke an end-to-end test suite written in Go. Different tests +are invoked depending on the scenario. # CI Bootstrap In order to execute any of the scenarios in this repository, it is first necessary to bootstrap the diff --git a/enos/ci/hcp-resources/.gitignore b/enos/ci/hcp-resources/.gitignore deleted file mode 100644 index c45cf41694..0000000000 --- a/enos/ci/hcp-resources/.gitignore +++ /dev/null @@ -1 +0,0 @@ -*.tfvars diff --git a/enos/ci/hcp-resources/README.md b/enos/ci/hcp-resources/README.md deleted file mode 100644 index b25bd987f2..0000000000 --- a/enos/ci/hcp-resources/README.md +++ /dev/null @@ -1,41 +0,0 @@ -# Resources for HCP testing - -This Terraform module defines resources needed to test against a long-lived HCP cluster. - -## Prerequisites - -- Gain access to the TFC `hashicorp-qti` org -- Generate a TFC API token under *Account Settings* > *Tokens* - -## Usage - -```shell -# Get AWS account credentials -doormat login -source <(doormat aws export --account ${AWS_ACCOUNT}) - -terraform login # enter TFC API token to the hashicorp-qti org -terraform init -terraform plan -terraform apply -``` - -The output contains information that we will need. For sensitive values, we will -need to use these commands. - -```shell -terraform state pull | jq .outputs.worker_tokens.value -terraform state pull | jq .outputs.bucket_secret_access_key.value -``` - -You can also find output information using the TFC UI by navigating to the -`boundary-hcp-resources` workspace. - -If any of these values have changed, we will need to update the Vault instance -that stores these values. - -## Notes - -- Created a `boundary-hcp-resources` workspace in the TFC org - - Set *Workflow* to `CLI-Driven` - - Set *Execution Mode* to `Local` diff --git a/enos/ci/hcp-resources/main.tf b/enos/ci/hcp-resources/main.tf deleted file mode 100644 index 4af20e198a..0000000000 --- a/enos/ci/hcp-resources/main.tf +++ /dev/null @@ -1,141 +0,0 @@ -# Copyright (c) HashiCorp, Inc. -# SPDX-License-Identifier: BUSL-1.1 - -terraform { - required_providers { - aws = { - source = "hashicorp/aws" - } - enos = { - source = "registry.terraform.io/hashicorp-forge/enos" - } - } - - cloud { - hostname = "app.terraform.io" - organization = "hashicorp-qti" - - workspaces { - name = "boundary-hcp-resources" - } - } -} - -data "aws_caller_identity" "current" {} - -provider "aws" { - region = var.aws_region -} - -provider "enos" { - transport = { - ssh = { - user = "ubuntu" - private_key_path = abspath(var.aws_ssh_private_key_path) - } - } -} - -locals { - worker_instance_type = "t3a.small" - target_instance_type = "t2.micro" - - egress_tag = "egress" - - license_path = abspath(var.boundary_license_path) - boundary_zip_path = abspath(var.boundary_zip_path) - - cluster_tag = "boundary_hcp_testing" - project_tag = "boundary_hcp_testing" - environment_tag = "hcp" - tags = merge({ - "Project Name" : local.project_tag, - "Project" : local.project_tag, - "Environment" : local.environment_tag, - }) -} - -module "find_azs" { - source = "../../modules/aws_az_finder" - - instance_type = [ - local.worker_instance_type, - local.target_instance_type - ] -} - -module "license" { - source = "../../modules/read_license" - - file_name = abspath(local.license_path) -} - -module "iam_user" { - source = "../../modules/aws_iam_setup" - - test_id = local.environment_tag - test_email = split(":", data.aws_caller_identity.current.user_id)[1] -} - -module "base_infra" { - source = "../../modules/aws_vpc" - - availability_zones = module.find_azs.availability_zones - common_tags = local.tags -} - -module "worker" { - depends_on = [module.base_infra] - source = "../../modules/aws_boundary" - - controller_count = 0 - worker_count = var.worker_count - db_create = false - aws_region = var.aws_region - hcp_boundary_cluster_id = var.hcp_boundary_cluster_id - ssh_aws_keypair = var.aws_ssh_keypair_name - boundary_license = module.license.license - kms_key_arn = module.base_infra.kms_key_arn - ubuntu_ami_id = module.base_infra.ami_ids["ubuntu"]["amd64"] - vpc_id = module.base_infra.vpc_id - vpc_tag_module = module.base_infra.vpc_tag_module - worker_instance_type = local.worker_instance_type - worker_type_tags = [local.egress_tag] - worker_config_file_path = "templates/worker_hcp_bsr.hcl" - recording_storage_path = "/recordings" - local_artifact_path = local.boundary_zip_path - environment = local.environment_tag - project_name = local.project_tag - common_tags = local.tags -} - -module "storage_bucket" { - depends_on = [module.iam_user] - source = "../../modules/aws_bucket" - - cluster_tag = local.cluster_tag - user = module.iam_user.user_name - is_user = true -} - -module "target_tags" { - source = "../../modules/generate_aws_host_tag_vars" - - tag_name = local.project_tag - tag_value = "true" -} - -module "target" { - source = "../../modules/aws_target" - - target_count = var.target_count - aws_ssh_keypair_name = var.aws_ssh_keypair_name - instance_type = local.target_instance_type - enos_user = local.cluster_tag - environment = local.environment_tag - project_name = local.project_tag - ami_id = module.base_infra.ami_ids["ubuntu"]["amd64"] - vpc_id = module.base_infra.vpc_id - subnet_ids = module.worker.subnet_ids - additional_tags = module.target_tags.tag_map -} diff --git a/enos/ci/hcp-resources/outputs.tf b/enos/ci/hcp-resources/outputs.tf deleted file mode 100644 index 65ef0e0b5c..0000000000 --- a/enos/ci/hcp-resources/outputs.tf +++ /dev/null @@ -1,44 +0,0 @@ -# Copyright (c) HashiCorp, Inc. -# SPDX-License-Identifier: BUSL-1.1 - -output "bucket_access_key_id" { - value = module.iam_user.access_key_id -} - -output "bucket_secret_access_key" { - sensitive = true - value = module.iam_user.secret_access_key -} - -output "bucket_name" { - value = module.storage_bucket.bucket_name -} - -output "host_set_filter" { - value = module.target_tags.tag_string -} - -output "target_public_ip" { - value = module.target.target_public_ips -} - -output "target_private_ip" { - value = module.target.target_private_ips -} - -output "target_ssh_user" { - value = "ubuntu" -} - -output "worker_ip" { - value = module.worker.worker_ips -} - -output "worker_tokens" { - sensitive = true - value = module.worker.worker_tokens -} - -output "region" { - value = var.aws_region -} diff --git a/enos/ci/hcp-resources/variables.tf b/enos/ci/hcp-resources/variables.tf deleted file mode 100644 index 7d2f2e38e7..0000000000 --- a/enos/ci/hcp-resources/variables.tf +++ /dev/null @@ -1,45 +0,0 @@ -# Copyright (c) HashiCorp, Inc. -# SPDX-License-Identifier: BUSL-1.1 - -variable "aws_region" { - description = "The AWS region to deploy resources in." - type = string - default = "us-east-1" -} - -variable "hcp_boundary_cluster_id" { - description = "The ID of the HCP Boundary cluster. If on HCP int, prepend the cluster ID with 'int-'. If on HCP dev, prepend the cluster ID with 'dev-'." - type = string -} - -variable "boundary_zip_path" { - description = "Path to Boundary zip file. Version should be a linux_amd64 enterprise variant." - type = string -} - -variable "boundary_license_path" { - description = "Path to the Boundary license file" - type = string -} - -variable "aws_ssh_keypair_name" { - description = "Name of the AWS EC2 keypair to use for SSH access" - type = string -} - -variable "aws_ssh_private_key_path" { - description = "Path to the private key file for the AWS EC2 keypair" - type = string -} - -variable "worker_count" { - description = "Number of workers to create" - type = number - default = 1 -} - -variable "target_count" { - description = "Number of targets to create" - type = number - default = 1 -} diff --git a/enos/modules/aws_boundary/templates/worker.hcl b/enos/modules/aws_boundary/templates/worker.hcl index afcd95ce4c..90e2bc2d88 100644 --- a/enos/modules/aws_boundary/templates/worker.hcl +++ b/enos/modules/aws_boundary/templates/worker.hcl @@ -13,7 +13,7 @@ worker { description = "Enos Boundary worker ${id}" # Workers must be able to reach controllers on :9201 - initial_upstreams = ${controller_ips} + controllers = ${controller_ips} public_addr = "${public_addr}" diff --git a/enos/modules/aws_boundary/templates/worker_bsr.hcl b/enos/modules/aws_boundary/templates/worker_bsr.hcl index 764735fef8..b1446cafb0 100644 --- a/enos/modules/aws_boundary/templates/worker_bsr.hcl +++ b/enos/modules/aws_boundary/templates/worker_bsr.hcl @@ -13,7 +13,7 @@ worker { description = "Enos Boundary worker ${id}" # Workers must be able to reach controllers on :9201 - initial_upstreams = ${controller_ips} + controllers = ${controller_ips} public_addr = "${public_addr}" diff --git a/go.mod b/go.mod index 4a46436146..7eadd41583 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/hashicorp/boundary -go 1.23.1 +go 1.22.5 replace github.com/hashicorp/boundary/api => ./api @@ -66,11 +66,11 @@ require ( github.com/stretchr/testify v1.9.0 github.com/zalando/go-keyring v0.2.3 go.uber.org/atomic v1.11.0 - golang.org/x/crypto v0.25.0 - golang.org/x/sync v0.7.0 - golang.org/x/sys v0.22.0 - golang.org/x/term v0.22.0 - golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d + golang.org/x/crypto v0.27.0 + golang.org/x/sync v0.8.0 + golang.org/x/sys v0.25.0 + golang.org/x/term v0.24.0 + golang.org/x/tools v0.25.0 google.golang.org/genproto v0.0.0-20240205150955-31a09d347014 google.golang.org/grpc v1.61.1 google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.3.0 @@ -101,8 +101,8 @@ require ( github.com/miekg/dns v1.1.58 github.com/mikesmitty/edkey v0.0.0-20170222072505-3356ea4e686a github.com/sevlyar/go-daemon v0.1.6 - golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3 - golang.org/x/net v0.25.0 + golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 + golang.org/x/net v0.29.0 google.golang.org/genproto/googleapis/api v0.0.0-20240205150955-31a09d347014 ) @@ -128,7 +128,7 @@ require ( github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/moby/docker-image-spec v1.3.1 // indirect - github.com/moby/sys/user v0.1.0 // indirect + github.com/moby/sys/user v0.3.0 // indirect github.com/ncruces/go-strftime v0.1.9 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.48.0 // indirect go.opentelemetry.io/otel v1.23.1 // indirect @@ -160,7 +160,7 @@ require ( github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/containerd/continuity v0.4.3 // indirect github.com/coreos/go-oidc/v3 v3.9.0 // indirect - github.com/cpuguy83/go-md2man/v2 v2.0.3 // indirect + github.com/cpuguy83/go-md2man/v2 v2.0.5 // indirect github.com/danieljoos/wincred v1.2.1 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/docker/cli v25.0.3+incompatible // indirect @@ -221,9 +221,9 @@ require ( github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/xeipuuv/gojsonschema v1.2.0 // indirect github.com/xo/dburl v0.23.1 // indirect - golang.org/x/mod v0.17.0 // indirect + golang.org/x/mod v0.21.0 // indirect golang.org/x/oauth2 v0.17.0 // indirect - golang.org/x/text v0.16.0 + golang.org/x/text v0.18.0 golang.org/x/time v0.5.0 // indirect google.golang.org/appengine v1.6.8 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240205150955-31a09d347014 // indirect diff --git a/go.sum b/go.sum index 828d0d4a71..46ac09a092 100644 --- a/go.sum +++ b/go.sum @@ -70,8 +70,8 @@ github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3 github.com/coreos/go-oidc/v3 v3.9.0 h1:0J/ogVOd4y8P0f0xUh8l9t07xRP/d8tccvjHl2dcsSo= github.com/coreos/go-oidc/v3 v3.9.0/go.mod h1:rTKz2PYwftcrtoCzV5g5kvfJoWcm0Mk8AF8y1iAQro4= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/cpuguy83/go-md2man/v2 v2.0.3 h1:qMCsGGgs+MAzDFyp9LpAe1Lqy/fY/qCovCm0qnXZOBM= -github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.5 h1:ZtcqGrnekaHpVLArFSe4HK5DoKx1T0rq2DwVB0alcyc= +github.com/cpuguy83/go-md2man/v2 v2.0.5/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.21 h1:1/QdRyBaHHJP61QkWMXlOIBfsgdDeeKfK8SYVUWJKf0= github.com/creack/pty v1.1.21/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= @@ -390,8 +390,8 @@ github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zx github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo= -github.com/moby/sys/user v0.1.0 h1:WmZ93f5Ux6het5iituh9x2zAG7NFY9Aqi49jjE1PaQg= -github.com/moby/sys/user v0.1.0/go.mod h1:fKJhFOnsCN6xZ5gSfbM6zaHGgDJMrqt9/reuj4T7MmU= +github.com/moby/sys/user v0.3.0 h1:9ni5DlcW5an3SvRSx4MouotOygvzaXbaSrc/wGDFWPo= +github.com/moby/sys/user v0.3.0/go.mod h1:bG+tYYYJgaMtRKgEmuueC0hJEAZWwtIbZTB+85uoHjs= github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0= github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A= @@ -547,11 +547,11 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= -golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30= -golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M= +golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A= +golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3 h1:/RIbNt/Zr7rVhIkQhooTxCxFcdWLGIKnZA4IXNFSrvo= -golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08= +golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 h1:e66Fs6Z+fZTbFBAxKfP3PALWBtpfqks2bwGcexMxgtk= +golang.org/x/exp v0.0.0-20240909161429-701f63a606c0/go.mod h1:2TbTHSBQa924w8M6Xs1QcRcFwyucIwBGpK1p2f1YFFY= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= @@ -564,8 +564,8 @@ golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20211102181907-3a5865c02020/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= -golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0= +golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -583,8 +583,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= -golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= +golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo= +golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.17.0 h1:6m3ZPmLEFdVxKKWnKq4VqZ60gutO35zm+zrAHVmHyDQ= golang.org/x/oauth2 v0.17.0/go.mod h1:OzPDGQiuQMguemayvdylqddI7qcD9lnSDb+1FiwQ5HA= @@ -595,8 +595,8 @@ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= -golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= +golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -625,8 +625,8 @@ golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= -golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34= +golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210503060354-a79de5458b56/go.mod h1:tfny5GFUkzUvx4ps4ajbZsCe5lw1metzhBm9T3x7oIY= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -635,8 +635,8 @@ golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= -golang.org/x/term v0.22.0 h1:BbsgPEJULsl2fV/AT3v15Mjva5yXKQDyKf+TbDz7QJk= -golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4= +golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM= +golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= @@ -647,8 +647,8 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= -golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= +golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224= +golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -664,8 +664,8 @@ golang.org/x/tools v0.0.0-20210101214203-2dba1e4ea05c/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= +golang.org/x/tools v0.25.0 h1:oFU9pkj/iJgs+0DT+VMHrx+oBKs/LJMV+Uvg78sl+fE= +golang.org/x/tools v0.25.0/go.mod h1:/vtpO8WL1N9cQC3FN5zPqb//fRXskFHbLKk4OW1Q7rg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/internal/auth/oidc/repository_auth_method_update_test.go b/internal/auth/oidc/repository_auth_method_update_test.go index 45a7ca1ff9..48b77b572d 100644 --- a/internal/auth/oidc/repository_auth_method_update_test.go +++ b/internal/auth/oidc/repository_auth_method_update_test.go @@ -724,7 +724,7 @@ func Test_ValidateDiscoveryInfo(t *testing.T) { // do not run these tests with t.Parallel() ctx := context.Background() - tp := oidc.StartTestProvider(t, oidc.WithTestHost("::1")) + tp := oidc.StartTestProvider(t) tpClientId := "alice-rp" tpClientSecret := "her-dog's-name" tp.SetClientCreds(tpClientId, tpClientSecret) @@ -744,7 +744,7 @@ func Test_ValidateDiscoveryInfo(t *testing.T) { databaseWrapper, err := kmsCache.GetWrapper(context.Background(), org.PublicId, kms.KeyPurposeDatabase) require.NoError(t, err) port := testutil.TestFreePort(t) - testAuthMethodCallback, err := url.Parse(fmt.Sprintf("http://[::1]:%d/callback", port)) + testAuthMethodCallback, err := url.Parse(fmt.Sprintf("http://localhost:%d/callback", port)) require.NoError(t, err) testAuthMethod := TestAuthMethod(t, conn, databaseWrapper, @@ -793,7 +793,7 @@ func Test_ValidateDiscoveryInfo(t *testing.T) { authMethod: func() *AuthMethod { cp := testAuthMethod.Clone() port := testutil.TestFreePort(t) - cp.Issuer = fmt.Sprintf("http://[::1]:%d", port) + cp.Issuer = fmt.Sprintf("http://localhost:%d", port) return cp }(), withAuthMethod: true, @@ -1327,7 +1327,7 @@ func Test_pingEndpoint(t *testing.T) { }, nil }, } - return client, http.MethodGet, "http://[::1]/get" + return client, http.MethodGet, "http://localhost/get" }, wantStatus: 200, }, @@ -1341,7 +1341,7 @@ func Test_pingEndpoint(t *testing.T) { }, nil }, } - return client, http.MethodGet, "http://[::1]/get" + return client, http.MethodGet, "http://localhost/get" }, wantStatus: 500, }, @@ -1353,7 +1353,7 @@ func Test_pingEndpoint(t *testing.T) { return nil, fmt.Errorf("invalid request") }, } - return client, http.MethodGet, "http://[::1]/get" + return client, http.MethodGet, "http://localhost/get" }, wantErr: true, }, diff --git a/internal/bsr/ssh/chunk_decode_test.go b/internal/bsr/ssh/chunk_decode_test.go index be2424cd93..292ec168c8 100644 --- a/internal/bsr/ssh/chunk_decode_test.go +++ b/internal/bsr/ssh/chunk_decode_test.go @@ -642,171 +642,6 @@ func TestDecodeChunk(t *testing.T) { }, }, }, - { - &bsr.BaseChunk{ - Protocol: ssh.Protocol, - Type: ssh.CancelTCPIPForwardReqChunkType, - }, - func() []byte { - msg := &pssh.CancelTCPIPForwardRequest{ - RequestType: ssh.CancelTCPIPForwardRequestType, - WantReply: false, - AddressToBind: "::1", - PortToBind: 87565, - } - data, err := proto.Marshal(msg) - require.NoError(t, err) - return data - }(), - &ssh.CancelTCPIPForwardRequest{ - BaseChunk: &bsr.BaseChunk{ - Protocol: ssh.Protocol, - Type: ssh.CancelTCPIPForwardReqChunkType, - }, - CancelTCPIPForwardRequest: &pssh.CancelTCPIPForwardRequest{ - RequestType: ssh.CancelTCPIPForwardRequestType, - WantReply: false, - AddressToBind: "::1", - PortToBind: 87565, - }, - }, - }, - { - &bsr.BaseChunk{ - Protocol: ssh.Protocol, - Type: ssh.DirectTCPIPReqChunkType, - }, - func() []byte { - msg := &pssh.DirectTCPIPRequest{ - RequestType: ssh.DirectTCPIPRequestType, - SenderChannel: 5, - InitialWindowSize: 60, - MaximumPacketSize: 512, - Host: "::1", - Port: 87654, - OriginatorIpAddress: "10.0.0.1", - OriginatorPort: 22, - } - data, err := proto.Marshal(msg) - require.NoError(t, err) - return data - }(), - &ssh.DirectTCPIPRequest{ - BaseChunk: &bsr.BaseChunk{ - Protocol: ssh.Protocol, - Type: ssh.DirectTCPIPReqChunkType, - }, - DirectTCPIPRequest: &pssh.DirectTCPIPRequest{ - RequestType: ssh.DirectTCPIPRequestType, - SenderChannel: 5, - InitialWindowSize: 60, - MaximumPacketSize: 512, - Host: "::1", - Port: 87654, - OriginatorIpAddress: "10.0.0.1", - OriginatorPort: 22, - }, - }, - }, - { - &bsr.BaseChunk{ - Protocol: ssh.Protocol, - Type: ssh.ForwardedTCPIPReqChunkType, - }, - func() []byte { - msg := &pssh.ForwardedTCPIPRequest{ - RequestType: ssh.ForwardedTCPIPRequestType, - SenderChannel: 5, - InitialWindowSize: 70, - MaximumPacketSize: 1024, - Address: "10.0.0.45", - Port: 2222, - OriginatorIpAddress: "::1", - OriginatorPort: 8765, - } - data, err := proto.Marshal(msg) - require.NoError(t, err) - return data - }(), - &ssh.ForwardedTCPIPRequest{ - BaseChunk: &bsr.BaseChunk{ - Protocol: ssh.Protocol, - Type: ssh.ForwardedTCPIPReqChunkType, - }, - ForwardedTCPIPRequest: &pssh.ForwardedTCPIPRequest{ - RequestType: ssh.ForwardedTCPIPRequestType, - SenderChannel: 5, - InitialWindowSize: 70, - MaximumPacketSize: 1024, - Address: "10.0.0.45", - Port: 2222, - OriginatorIpAddress: "::1", - OriginatorPort: 8765, - }, - }, - }, - { - &bsr.BaseChunk{ - Protocol: ssh.Protocol, - Type: ssh.TCPIPForwardReqChunkType, - }, - func() []byte { - msg := &pssh.TCPIPForwardRequest{ - RequestType: ssh.TCPIPForwardRequestType, - WantReply: false, - AddressToBind: "::1", - PortToBind: 2222, - } - data, err := proto.Marshal(msg) - require.NoError(t, err) - return data - }(), - &ssh.TCPIPForwardRequest{ - BaseChunk: &bsr.BaseChunk{ - Protocol: ssh.Protocol, - Type: ssh.TCPIPForwardReqChunkType, - }, - TCPIPForwardRequest: &pssh.TCPIPForwardRequest{ - RequestType: ssh.TCPIPForwardRequestType, - WantReply: false, - AddressToBind: "::1", - PortToBind: 2222, - }, - }, - }, - { - &bsr.BaseChunk{ - Protocol: ssh.Protocol, - Type: ssh.X11ReqChunkType, - }, - func() []byte { - msg := &pssh.X11Request{ - RequestType: ssh.X11RequestType, - SenderChannel: 6, - InitialWindowSize: 40, - MaximumPacketSize: 512, - OriginatorAddress: "::1", - OriginatorPort: 2222, - } - data, err := proto.Marshal(msg) - require.NoError(t, err) - return data - }(), - &ssh.X11Request{ - BaseChunk: &bsr.BaseChunk{ - Protocol: ssh.Protocol, - Type: ssh.X11ReqChunkType, - }, - X11Request: &pssh.X11Request{ - RequestType: ssh.X11RequestType, - SenderChannel: 6, - InitialWindowSize: 40, - MaximumPacketSize: 512, - OriginatorAddress: "::1", - OriginatorPort: 2222, - }, - }, - }, } for _, tc := range cases { diff --git a/internal/clientcache/internal/daemon/options_test.go b/internal/clientcache/internal/daemon/options_test.go index 4fd8bb4d68..2f161c40d8 100644 --- a/internal/clientcache/internal/daemon/options_test.go +++ b/internal/clientcache/internal/daemon/options_test.go @@ -26,10 +26,10 @@ func Test_GetOpts(t *testing.T) { assert.Equal(t, opts, testOpts) }) t.Run("WithUrl", func(t *testing.T) { - opts, err := getOpts(WithUrl(ctx, "http://[::1]:9200")) + opts, err := getOpts(WithUrl(ctx, "http://localhost:9200")) require.NoError(t, err) testOpts := getDefaultOptions() - testOpts.withUrl = "http://[::1]:9200" + testOpts.withUrl = "http://localhost:9200" assert.Equal(t, opts, testOpts) }) t.Run("WithLogger", func(t *testing.T) { diff --git a/internal/cmd/base/base.go b/internal/cmd/base/base.go index e668743f31..86156ab916 100644 --- a/internal/cmd/base/base.go +++ b/internal/cmd/base/base.go @@ -69,14 +69,13 @@ const ( // maxLineLength is the maximum width of any line. maxLineLength int = 78 - envToken = "BOUNDARY_TOKEN" - EnvTokenName = "BOUNDARY_TOKEN_NAME" - EnvKeyringType = "BOUNDARY_KEYRING_TYPE" - envRecoveryConfig = "BOUNDARY_RECOVERY_CONFIG" - envSkipCacheDaemon = "BOUNDARY_SKIP_CACHE_DAEMON" - envSkipClientAgent = "BOUNDARY_SKIP_CLIENT_AGENT" - EnvClientAgentPort = "BOUNDARY_CLIENT_AGENT_LISTENING_PORT" - EnvBoundaryClientAgentCliErrorOutput = "BOUNDARY_CLIENT_AGENT_CLI_ERROR_OUTPUT" + envToken = "BOUNDARY_TOKEN" + EnvTokenName = "BOUNDARY_TOKEN_NAME" + EnvKeyringType = "BOUNDARY_KEYRING_TYPE" + envRecoveryConfig = "BOUNDARY_RECOVERY_CONFIG" + envSkipCacheDaemon = "BOUNDARY_SKIP_CACHE_DAEMON" + envSkipClientAgent = "BOUNDARY_SKIP_CLIENT_AGENT" + EnvClientAgentPort = "BOUNDARY_CLIENT_AGENT_LISTENING_PORT" StoredTokenName = "HashiCorp Boundary Auth Token" ) @@ -108,15 +107,14 @@ type Command struct { flagTLSServerName string flagTLSInsecure bool - flagFormat string - FlagToken string - FlagTokenName string - FlagKeyringType string - FlagRecoveryConfig string - FlagOutputCurlString bool - FlagSkipCacheDaemon bool - FlagSkipClientAgent bool - FlagOutputClientAgentCliError bool + flagFormat string + FlagToken string + FlagTokenName string + FlagKeyringType string + FlagRecoveryConfig string + FlagOutputCurlString bool + FlagSkipCacheDaemon bool + FlagSkipClientAgent bool FlagClientAgentPort uint16 @@ -493,14 +491,6 @@ func (c *Command) FlagSet(bit FlagSetBit) *FlagSets { Usage: "Skips starting the caching daemon or sending the current used/retrieved token to the caching daemon.", }) - f.BoolVar(&BoolVar{ - Name: "output-client-agent-cli-error", - Target: &c.FlagOutputClientAgentCliError, - Default: false, - EnvVar: EnvBoundaryClientAgentCliErrorOutput, - Usage: "Enables outputting CLI errors encountered for client-agent callbacks.", - }) - f.BoolVar(&BoolVar{ Name: "skip-client-agent", Target: &c.FlagSkipClientAgent, diff --git a/internal/cmd/base/server_test.go b/internal/cmd/base/server_test.go index 3fbb20b0ef..7784f5f450 100644 --- a/internal/cmd/base/server_test.go +++ b/internal/cmd/base/server_test.go @@ -496,7 +496,7 @@ func TestSetupWorkerPublicAddress(t *testing.T) { expPublicAddress: ":9202", }, { - name: "setting public address directly with ipv4", + name: "setting public address directly with ip", inputConfig: &config.Config{ SharedConfig: &configutil.SharedConfig{ Listeners: []*listenerutil.ListenerConfig{}, @@ -511,7 +511,7 @@ func TestSetupWorkerPublicAddress(t *testing.T) { expPublicAddress: "127.0.0.1:9202", }, { - name: "setting public address directly with ipv4:port", + name: "setting public address directly with ip:port", inputConfig: &config.Config{ SharedConfig: &configutil.SharedConfig{ Listeners: []*listenerutil.ListenerConfig{}, @@ -525,66 +525,6 @@ func TestSetupWorkerPublicAddress(t *testing.T) { expErrStr: "", expPublicAddress: "127.0.0.1:8080", }, - { - name: "setting public address directly with ipv6", - inputConfig: &config.Config{ - SharedConfig: &configutil.SharedConfig{ - Listeners: []*listenerutil.ListenerConfig{}, - }, - Worker: &config.Worker{ - PublicAddr: "[2001:4860:4860:0:0:0:0:8888]", - }, - }, - inputFlagValue: "", - expErr: false, - expErrStr: "", - expPublicAddress: "[2001:4860:4860:0:0:0:0:8888]:9202", - }, - { - name: "setting public address directly with ipv6:port", - inputConfig: &config.Config{ - SharedConfig: &configutil.SharedConfig{ - Listeners: []*listenerutil.ListenerConfig{}, - }, - Worker: &config.Worker{ - PublicAddr: "[2001:4860:4860:0:0:0:0:8888]:8080", - }, - }, - inputFlagValue: "", - expErr: false, - expErrStr: "", - expPublicAddress: "[2001:4860:4860:0:0:0:0:8888]:8080", - }, - { - name: "setting public address directly with abbreviated ipv6", - inputConfig: &config.Config{ - SharedConfig: &configutil.SharedConfig{ - Listeners: []*listenerutil.ListenerConfig{}, - }, - Worker: &config.Worker{ - PublicAddr: "[2001:4860:4860::8888]", - }, - }, - inputFlagValue: "", - expErr: false, - expErrStr: "", - expPublicAddress: "[2001:4860:4860::8888]:9202", - }, - { - name: "setting public address directly with abbreviated ipv6:port", - inputConfig: &config.Config{ - SharedConfig: &configutil.SharedConfig{ - Listeners: []*listenerutil.ListenerConfig{}, - }, - Worker: &config.Worker{ - PublicAddr: "[2001:4860:4860::8888]:8080", - }, - }, - inputFlagValue: "", - expErr: false, - expErrStr: "", - expPublicAddress: "[2001:4860:4860::8888]:8080", - }, { name: "setting public address to env var", inputConfig: &config.Config{ diff --git a/internal/cmd/base/servers.go b/internal/cmd/base/servers.go index b5392a53b1..185d7a55df 100644 --- a/internal/cmd/base/servers.go +++ b/internal/cmd/base/servers.go @@ -14,7 +14,6 @@ import ( "os" "os/signal" "path/filepath" - "regexp" "sort" "strconv" "strings" @@ -58,10 +57,6 @@ const ( WorkerAuthReqFile = "auth_request_token" ) -// This regular expression is used to find all instances of square brackets within a string. -// This regular expression is used to remove the square brackets from an IPv6 address. -var squareBrackets = regexp.MustCompile("\\[|\\]") - func init() { metric.InitializeBuildInfo(prometheus.DefaultRegisterer) } @@ -850,12 +845,7 @@ func (b *Server) SetupWorkerPublicAddress(conf *config.Config, flagValue string) return fmt.Errorf("Error splitting public adddress host/port: %w", err) } } - - // remove the square brackets from the ipv6 address because the method - // net.JoinHostPort() will add a second pair of square brackets. - host = squareBrackets.ReplaceAllString(host, "") conf.Worker.PublicAddr = net.JoinHostPort(host, port) - return nil } diff --git a/internal/cmd/commands/clientagentcmd/addtoken.go b/internal/cmd/commands/clientagentcmd/addtoken.go index 5a60da9dcd..3c424b3b3e 100644 --- a/internal/cmd/commands/clientagentcmd/addtoken.go +++ b/internal/cmd/commands/clientagentcmd/addtoken.go @@ -48,7 +48,9 @@ func addToken(ctx context.Context, apiClient *api.Client, port uint16) (*api.Res client.RetryWaitMin = 100 * time.Millisecond client.RetryWaitMax = 1500 * time.Millisecond - // Explicitly setting this to 0, since this runs after every command and we don't want any delays + // TODO (ICU-13140): Until we release the client agent, do not retry attempts + // to connect to the client agent since it adds a noticeably long delay to + // the command. client.RetryMax = 0 req, err := retryablehttp.NewRequestWithContext(ctx, "POST", clientAgentUrl(port, "v1/tokens"), diff --git a/internal/cmd/commands/clientagentcmd/status.go b/internal/cmd/commands/clientagentcmd/status.go index 1f7a8d693a..118c0cc30d 100644 --- a/internal/cmd/commands/clientagentcmd/status.go +++ b/internal/cmd/commands/clientagentcmd/status.go @@ -118,7 +118,6 @@ func (c *StatusCommand) Status(ctx context.Context) (*api.Response, *GetStatusRe client.Logger = nil client.RetryWaitMin = 100 * time.Millisecond client.RetryWaitMax = 1500 * time.Millisecond - client.RetryMax = 1 req, err := retryablehttp.NewRequestWithContext(ctx, "GET", clientAgentUrl(c.FlagClientAgentPort, "v1/status"), nil) if err != nil { diff --git a/internal/cmd/commands/clientagentcmd/wrapper_register.go b/internal/cmd/commands/clientagentcmd/wrapper_register.go index 3c4e7e2a47..76d8fe4a36 100644 --- a/internal/cmd/commands/clientagentcmd/wrapper_register.go +++ b/internal/cmd/commands/clientagentcmd/wrapper_register.go @@ -10,6 +10,10 @@ import ( "github.com/hashicorp/boundary/internal/cmd/wrapper" ) +// TODO (ICU-13140): Remove this and re-enable error output for background +// client agent token sending. +const allowErrorOutput = false + func init() { if err := wrapper.RegisterSuccessfulCommandCallback("client-agent", hook); err != nil { panic(err) @@ -21,7 +25,7 @@ func hook(ctx context.Context, baseCmd *base.Command, token string) { return } client, err := baseCmd.Client() - if err != nil && baseCmd.FlagOutputClientAgentCliError { + if err != nil && allowErrorOutput { baseCmd.PrintCliError(err) return } @@ -29,10 +33,10 @@ func hook(ctx context.Context, baseCmd *base.Command, token string) { client.SetToken(token) } _, apiErr, err := addToken(ctx, client, baseCmd.FlagClientAgentPort) - if err != nil && baseCmd.FlagOutputClientAgentCliError { + if err != nil && allowErrorOutput { baseCmd.PrintCliError(err) } - if apiErr != nil && baseCmd.FlagOutputClientAgentCliError { + if apiErr != nil && allowErrorOutput { baseCmd.PrintApiError(apiErr, "sending token to client agent in the background") } } diff --git a/internal/cmd/commands/server/server.go b/internal/cmd/commands/server/server.go index b62dac74c6..2d6cc2cd38 100644 --- a/internal/cmd/commands/server/server.go +++ b/internal/cmd/commands/server/server.go @@ -340,6 +340,9 @@ func (c *Command) Run(args []string) int { c.UI.Error(`Config activates worker but no listener with "proxy" purpose found`) return base.CommandUserError } + if c.Config.Worker.ControllersRaw != nil { + c.UI.Warn("The \"controllers\" field for worker config is deprecated. Please use \"initial_upstreams\" instead.") + } if err := c.SetupWorkerPublicAddress(c.Config, ""); err != nil { c.UI.Error(err.Error()) diff --git a/internal/cmd/commands/targetscmd/funcs.go b/internal/cmd/commands/targetscmd/funcs.go index 0905e74976..c0a9c69c97 100644 --- a/internal/cmd/commands/targetscmd/funcs.go +++ b/internal/cmd/commands/targetscmd/funcs.go @@ -315,9 +315,6 @@ func extraFlagsHandlingFuncImpl(c *Command, _ *base.FlagSets, opts *[]targets.Op if strutil.StrListContains(flagsMap[c.Func], "scope-id") && c.FlagScopeId != "" { *opts = append(*opts, targets.WithScopeId(c.FlagScopeId)) } - if strutil.StrListContains(flagsMap[c.Func], "scope-name") && c.FlagScopeName != "" { - *opts = append(*opts, targets.WithScopeName(c.FlagScopeName)) - } switch c.Func { case "add-host-sources", "remove-host-sources": diff --git a/internal/cmd/config/config.go b/internal/cmd/config/config.go index 6b2dbbc1a4..7e900c4b1b 100644 --- a/internal/cmd/config/config.go +++ b/internal/cmd/config/config.go @@ -15,7 +15,6 @@ import ( "net" "os" "reflect" - "regexp" "strconv" "strings" "time" @@ -133,10 +132,6 @@ kms "aead" { defaultCsp = "default-src 'none'; script-src 'self' 'wasm-unsafe-eval'; frame-src 'self'; font-src 'self'; connect-src 'self'; img-src 'self' data:; style-src 'self'; media-src 'self'; manifest-src 'self'; style-src-attr 'self'; frame-ancestors 'self'" ) -// This regular expression is used to find all instances of square brackets within a string. -// This regular expression is used to remove the square brackets from an IPv6 address. -var squareBrackets = regexp.MustCompile("\\[|\\]") - // Config is the configuration for the boundary controller type Config struct { *configutil.SharedConfig `hcl:"-"` @@ -271,6 +266,10 @@ type Worker struct { InitialUpstreams []string `hcl:"-"` InitialUpstreamsRaw any `hcl:"initial_upstreams"` + // The ControllersRaw field is deprecated and users should use InitialUpstreamsRaw instead. + // TODO: remove this field when support is discontinued. + ControllersRaw any `hcl:"controllers"` + // We use a raw interface for parsing so that people can use JSON-like // syntax that maps directly to the filter input or possibly more familiar // key=value syntax, as well as accepting a string denoting an env or file @@ -1052,6 +1051,17 @@ func Parse(d string) (*Config, error) { return result, nil } +// supportControllersRawConfig returns either initialUpstreamsRaw or controllersRaw depending on which is populated. Errors when both fields are populated. +func supportControllersRawConfig(initialUpstreamsRaw, controllersRaw any) (any, error) { + switch { + case initialUpstreamsRaw == nil && controllersRaw != nil: + return controllersRaw, nil + case initialUpstreamsRaw != nil && controllersRaw != nil: + return nil, fmt.Errorf("both initial_upstreams and controllers fields are populated") + } + return initialUpstreamsRaw, nil +} + func parseApiRateLimits(node ast.Node) (ratelimit.Configs, error) { list, ok := node.(*ast.ObjectList) if !ok { @@ -1088,15 +1098,19 @@ func parseWorkerUpstreams(c *Config) ([]string, error) { if c == nil || c.Worker == nil { return nil, fmt.Errorf("config or worker field is nil") } - if c.Worker.InitialUpstreamsRaw == nil { + if c.Worker.InitialUpstreamsRaw == nil && c.Worker.ControllersRaw == nil { // return nil here so that other address sources can be provided outside of config return nil, nil } + rawUpstreams, err := supportControllersRawConfig(c.Worker.InitialUpstreamsRaw, c.Worker.ControllersRaw) + if err != nil { + return nil, err + } - switch t := c.Worker.InitialUpstreamsRaw.(type) { + switch t := rawUpstreams.(type) { case []any: var upstreams []string - err := mapstructure.WeakDecode(c.Worker.InitialUpstreamsRaw, &upstreams) + err := mapstructure.WeakDecode(rawUpstreams, &upstreams) if err != nil { return nil, fmt.Errorf("failed to decode worker initial_upstreams block into config field: %w", err) } @@ -1264,12 +1278,7 @@ func (c *Config) SetupControllerPublicClusterAddress(flagValue string) error { return fmt.Errorf("Error splitting public cluster adddress host/port: %w", err) } } - - // remove the square brackets from the ipv6 address because the method - // net.JoinHostPort() will add a second pair of square brackets. - host = squareBrackets.ReplaceAllString(host, "") c.Controller.PublicClusterAddr = net.JoinHostPort(host, port) - return nil } diff --git a/internal/cmd/config/config_load_test.go b/internal/cmd/config/config_load_test.go index 3a42398171..526fc5e289 100644 --- a/internal/cmd/config/config_load_test.go +++ b/internal/cmd/config/config_load_test.go @@ -383,6 +383,7 @@ func TestLoad(t *testing.T) { PublicAddr: "", InitialUpstreams: []string{"boundary:9201"}, InitialUpstreamsRaw: []any{"boundary:9201"}, + ControllersRaw: nil, Tags: nil, TagsRaw: nil, SuccessfulStatusGracePeriodDuration: 0, @@ -809,6 +810,7 @@ func TestLoad(t *testing.T) { PublicAddr: "", InitialUpstreams: []string{"boundary:9201"}, InitialUpstreamsRaw: []any{"boundary:9201"}, + ControllersRaw: nil, Tags: nil, TagsRaw: nil, SuccessfulStatusGracePeriodDuration: 0, @@ -1230,6 +1232,7 @@ func TestLoad(t *testing.T) { PublicAddr: "", InitialUpstreams: []string{"boundary:9201"}, InitialUpstreamsRaw: []any{"boundary:9201"}, + ControllersRaw: nil, Tags: nil, TagsRaw: nil, SuccessfulStatusGracePeriodDuration: 0, @@ -1670,6 +1673,7 @@ func TestLoad(t *testing.T) { PublicAddr: "", InitialUpstreams: []string{"boundary:9201"}, InitialUpstreamsRaw: []any{"boundary:9201"}, + ControllersRaw: nil, Tags: nil, TagsRaw: nil, SuccessfulStatusGracePeriodDuration: 0, diff --git a/internal/cmd/config/config_test.go b/internal/cmd/config/config_test.go index 30449cc7ba..d6aa6e6ae5 100644 --- a/internal/cmd/config/config_test.go +++ b/internal/cmd/config/config_test.go @@ -1495,7 +1495,7 @@ func TestWorkerUpstreams(t *testing.T) { expErr: false, }, { - name: "ipv4 Upstream", + name: "One Upstream", in: ` worker { name = "test" @@ -1505,28 +1505,6 @@ func TestWorkerUpstreams(t *testing.T) { expWorkerUpstreams: []string{"127.0.0.1"}, expErr: false, }, - { - name: "ipv6 Upstream", - in: ` - worker { - name = "test" - initial_upstreams = ["[2001:4860:4860:0:0:0:0:8888]"] - } - `, - expWorkerUpstreams: []string{"[2001:4860:4860:0:0:0:0:8888]"}, - expErr: false, - }, - { - name: "abbreviated ipv6 Upstream", - in: ` - worker { - name = "test" - initial_upstreams = ["[2001:4860:4860::8888]"] - } - `, - expWorkerUpstreams: []string{"[2001:4860:4860::8888]"}, - expErr: false, - }, { name: "Multiple Upstreams", in: ` @@ -1609,6 +1587,40 @@ func TestWorkerUpstreams(t *testing.T) { expErr: true, expErrIs: parseutil.ErrNotAUrl, }, + { + name: "Worker using deprecated controllers field", + in: ` + worker { + name = "test" + controllers = ["127.0.0.1", "127.0.0.2", "127.0.0.3"] + }`, + expWorkerUpstreams: []string{"127.0.0.1", "127.0.0.2", "127.0.0.3"}, + expErr: false, + }, + { + name: "Different values in controllers and initial_upstreams field", + in: ` + worker { + name = "test" + controllers = ["127.0.0.1", "127.0.0.2", "127.0.0.3"] + initial_upstreams = ["127.0.0.1"] + }`, + expWorkerUpstreams: nil, + expErr: true, + expErrStr: "Failed to parse worker upstreams: both initial_upstreams and controllers fields are populated", + }, + { + name: "Identical values in controllers and initial_upstreams field", + in: ` + worker { + name = "test" + controllers = ["127.0.0.1"] + initial_upstreams = ["127.0.0.1"] + }`, + expWorkerUpstreams: nil, + expErr: true, + expErrStr: "Failed to parse worker upstreams: both initial_upstreams and controllers fields are populated", + }, } for _, tt := range tests { @@ -2334,7 +2346,7 @@ func TestSetupControllerPublicClusterAddress(t *testing.T) { expPublicClusterAddress: ":9201", }, { - name: "setting public cluster address directly with ipv4", + name: "setting public cluster address directly with ip", inputConfig: &Config{ SharedConfig: &configutil.SharedConfig{ Listeners: []*listenerutil.ListenerConfig{}, @@ -2349,7 +2361,7 @@ func TestSetupControllerPublicClusterAddress(t *testing.T) { expPublicClusterAddress: "127.0.0.1:9201", }, { - name: "setting public cluster address directly with ipv4:port", + name: "setting public cluster address directly with ip:port", inputConfig: &Config{ SharedConfig: &configutil.SharedConfig{ Listeners: []*listenerutil.ListenerConfig{}, @@ -2363,66 +2375,6 @@ func TestSetupControllerPublicClusterAddress(t *testing.T) { expErrStr: "", expPublicClusterAddress: "127.0.0.1:8080", }, - { - name: "setting public cluster address directly with ipv6", - inputConfig: &Config{ - SharedConfig: &configutil.SharedConfig{ - Listeners: []*listenerutil.ListenerConfig{}, - }, - Controller: &Controller{ - PublicClusterAddr: "[2001:4860:4860:0:0:0:0:8888]", - }, - }, - inputFlagValue: "", - expErr: false, - expErrStr: "", - expPublicClusterAddress: "[2001:4860:4860:0:0:0:0:8888]:9201", - }, - { - name: "setting public cluster address directly with ipv6:port", - inputConfig: &Config{ - SharedConfig: &configutil.SharedConfig{ - Listeners: []*listenerutil.ListenerConfig{}, - }, - Controller: &Controller{ - PublicClusterAddr: "[2001:4860:4860:0:0:0:0:8888]:8080", - }, - }, - inputFlagValue: "", - expErr: false, - expErrStr: "", - expPublicClusterAddress: "[2001:4860:4860:0:0:0:0:8888]:8080", - }, - { - name: "setting public cluster address directly with abbreviated ipv6", - inputConfig: &Config{ - SharedConfig: &configutil.SharedConfig{ - Listeners: []*listenerutil.ListenerConfig{}, - }, - Controller: &Controller{ - PublicClusterAddr: "[2001:4860:4860::8888]", - }, - }, - inputFlagValue: "", - expErr: false, - expErrStr: "", - expPublicClusterAddress: "[2001:4860:4860::8888]:9201", - }, - { - name: "setting public cluster address directly with abbreviated ipv6:port", - inputConfig: &Config{ - SharedConfig: &configutil.SharedConfig{ - Listeners: []*listenerutil.ListenerConfig{}, - }, - Controller: &Controller{ - PublicClusterAddr: "[2001:4860:4860::8888]:8080", - }, - }, - inputFlagValue: "", - expErr: false, - expErrStr: "", - expPublicClusterAddress: "[2001:4860:4860::8888]:8080", - }, { name: "setting public cluster address to env var", inputConfig: &Config{ @@ -2578,7 +2530,7 @@ func TestSetupControllerPublicClusterAddress(t *testing.T) { expPublicClusterAddress: "127.0.0.1:8080", }, { - name: "read address from listeners ipv4 only", + name: "read address from listeners ip only", inputConfig: &Config{ SharedConfig: &configutil.SharedConfig{ Listeners: []*listenerutil.ListenerConfig{ @@ -2592,7 +2544,7 @@ func TestSetupControllerPublicClusterAddress(t *testing.T) { expPublicClusterAddress: "127.0.0.1:9201", }, { - name: "read address from listeners ipv4:port", + name: "read address from listeners ip:port", inputConfig: &Config{ SharedConfig: &configutil.SharedConfig{ Listeners: []*listenerutil.ListenerConfig{ @@ -2605,62 +2557,6 @@ func TestSetupControllerPublicClusterAddress(t *testing.T) { expErrStr: "", expPublicClusterAddress: "127.0.0.1:8080", }, - { - name: "read address from listeners ipv6 only", - inputConfig: &Config{ - SharedConfig: &configutil.SharedConfig{ - Listeners: []*listenerutil.ListenerConfig{ - {Purpose: []string{"cluster"}, Address: "[2001:4860:4860:0:0:0:0:8888]"}, - }, - }, - Controller: &Controller{}, - }, - expErr: false, - expErrStr: "", - expPublicClusterAddress: "[2001:4860:4860:0:0:0:0:8888]:9201", - }, - { - name: "read address from listeners ipv6:port", - inputConfig: &Config{ - SharedConfig: &configutil.SharedConfig{ - Listeners: []*listenerutil.ListenerConfig{ - {Purpose: []string{"cluster"}, Address: "[2001:4860:4860:0:0:0:0:8888]:8080"}, - }, - }, - Controller: &Controller{}, - }, - expErr: false, - expErrStr: "", - expPublicClusterAddress: "[2001:4860:4860:0:0:0:0:8888]:8080", - }, - { - name: "read address from listeners abbreviated ipv6 only", - inputConfig: &Config{ - SharedConfig: &configutil.SharedConfig{ - Listeners: []*listenerutil.ListenerConfig{ - {Purpose: []string{"cluster"}, Address: "[2001:4860:4860::8888]"}, - }, - }, - Controller: &Controller{}, - }, - expErr: false, - expErrStr: "", - expPublicClusterAddress: "[2001:4860:4860::8888]:9201", - }, - { - name: "read address from listeners abbreviated ipv6:port", - inputConfig: &Config{ - SharedConfig: &configutil.SharedConfig{ - Listeners: []*listenerutil.ListenerConfig{ - {Purpose: []string{"cluster"}, Address: "[2001:4860:4860::8888]:8080"}, - }, - }, - Controller: &Controller{}, - }, - expErr: false, - expErrStr: "", - expPublicClusterAddress: "[2001:4860:4860::8888]:8080", - }, { name: "read address from listeners is ignored on different purpose", inputConfig: &Config{ @@ -2775,7 +2671,7 @@ func TestSetupWorkerInitialUpstreams(t *testing.T) { expInitialUpstreams: nil, }, { - name: "ipv4 PublicClusterAddr", + name: "PublicClusterAddr", inputConfig: &Config{ SharedConfig: &configutil.SharedConfig{ Listeners: []*listenerutil.ListenerConfig{}, @@ -2789,36 +2685,6 @@ func TestSetupWorkerInitialUpstreams(t *testing.T) { expErrStr: "", expInitialUpstreams: []string{"192.168.0.4:9201"}, }, - { - name: "ipv6 PublicClusterAddr", - inputConfig: &Config{ - SharedConfig: &configutil.SharedConfig{ - Listeners: []*listenerutil.ListenerConfig{}, - }, - Controller: &Controller{ - PublicClusterAddr: "[2001:4860:4860:0:0:0:0:8888]:9201", - }, - Worker: &Worker{}, - }, - expErr: false, - expErrStr: "", - expInitialUpstreams: []string{"[2001:4860:4860:0:0:0:0:8888]:9201"}, - }, - { - name: "abbreviated ipv6 PublicClusterAddr", - inputConfig: &Config{ - SharedConfig: &configutil.SharedConfig{ - Listeners: []*listenerutil.ListenerConfig{}, - }, - Controller: &Controller{ - PublicClusterAddr: "[2001:4860:4860::8888]:9201", - }, - Worker: &Worker{}, - }, - expErr: false, - expErrStr: "", - expInitialUpstreams: []string{"[2001:4860:4860::8888]:9201"}, - }, { name: "ListenerNoAddr", inputConfig: &Config{ @@ -2837,7 +2703,7 @@ func TestSetupWorkerInitialUpstreams(t *testing.T) { expInitialUpstreams: []string{"127.0.0.1:9201"}, }, { - name: "ipv4 ListenerAddr", + name: "ListenerAddr", inputConfig: &Config{ SharedConfig: &configutil.SharedConfig{ Listeners: []*listenerutil.ListenerConfig{ @@ -2854,42 +2720,6 @@ func TestSetupWorkerInitialUpstreams(t *testing.T) { expErrStr: "", expInitialUpstreams: []string{"192.168.0.5:9201"}, }, - { - name: "ipv6 ListenerAddr", - inputConfig: &Config{ - SharedConfig: &configutil.SharedConfig{ - Listeners: []*listenerutil.ListenerConfig{ - { - Purpose: []string{"cluster"}, - Address: "[2001:4860:4860:0:0:0:0:8888]:9201", - }, - }, - }, - Controller: &Controller{}, - Worker: &Worker{}, - }, - expErr: false, - expErrStr: "", - expInitialUpstreams: []string{"[2001:4860:4860:0:0:0:0:8888]:9201"}, - }, - { - name: "abbreviated ipv6 ListenerAddr", - inputConfig: &Config{ - SharedConfig: &configutil.SharedConfig{ - Listeners: []*listenerutil.ListenerConfig{ - { - Purpose: []string{"cluster"}, - Address: "[2001:4860:4860::8888]:9201", - }, - }, - }, - Controller: &Controller{}, - Worker: &Worker{}, - }, - expErr: false, - expErrStr: "", - expInitialUpstreams: []string{"[2001:4860:4860::8888]:9201"}, - }, { name: "ListenerAddrDomain", inputConfig: &Config{ diff --git a/internal/cmd/main.go b/internal/cmd/main.go index 4319264bc1..26899aa9e0 100644 --- a/internal/cmd/main.go +++ b/internal/cmd/main.go @@ -241,7 +241,7 @@ func RunCustom(args []string, runOpts *RunOptions) (exitCode int) { initCommands(ui, serverCmdUi, runOpts) - hiddenCommands := []string{"version"} + hiddenCommands := []string{"version", "client-agent", "client-agent status", "client-agent pause", "client-agent resume", "client-agent sessions"} cli := &cli.CLI{ Name: "boundary", diff --git a/internal/cmd/ops/server_test.go b/internal/cmd/ops/server_test.go index 65cbc03606..42766b6829 100644 --- a/internal/cmd/ops/server_test.go +++ b/internal/cmd/ops/server_test.go @@ -133,7 +133,7 @@ func TestNewServerIntegration(t *testing.T) { expErrMsg string }{ { - name: "one tcp ops ipv4 listener", + name: "one tcp ops listener", listeners: []*listenerutil.ListenerConfig{ { Type: "tcp", @@ -148,22 +148,6 @@ func TestNewServerIntegration(t *testing.T) { require.NoError(t, err) }, }, - { - name: "one tcp ops ipv6 listener", - listeners: []*listenerutil.ListenerConfig{ - { - Type: "tcp", - Purpose: []string{"ops"}, - Address: "[::1]:0", - TLSDisable: true, - }, - }, - assertions: func(t *testing.T, addrs []string) { - resp, err := http.Get("http://" + addrs[0]) - resp.Body.Close() - require.NoError(t, err) - }, - }, { name: "multiple tcp ops listeners", listeners: []*listenerutil.ListenerConfig{ diff --git a/internal/daemon/controller/auth/auth.go b/internal/daemon/controller/auth/auth.go index 082ed39902..aaf671492f 100644 --- a/internal/daemon/controller/auth/auth.go +++ b/internal/daemon/controller/auth/auth.go @@ -55,12 +55,6 @@ const ( AuthTokenTypeRecoveryKms ) -// CallbackAction represents the action type for -// callback operations in a request's URL path. -// This is currently only used during auth method -// authentication. -const CallbackAction = "callback" - type key int var verifierKey key @@ -952,13 +946,3 @@ func (r *VerifyResults) ScopesAuthorizedForList(ctx context.Context, rootScopeId func (r *VerifyResults) GrantsHash(ctx context.Context) ([]byte, error) { return r.grants.GrantHash(ctx) } - -// GetRequestInfo extracts the request info stored in the context, if it exists. -// This returns nil, false if the request info could not be found. -func GetRequestInfo(ctx context.Context) (*authpb.RequestInfo, bool) { - v, ok := ctx.Value(verifierKey).(*verifier) - if !ok { - return nil, false - } - return v.requestInfo, true -} diff --git a/internal/daemon/controller/auth/option.go b/internal/daemon/controller/auth/option.go index fa6777fb1d..0d12a79fab 100644 --- a/internal/daemon/controller/auth/option.go +++ b/internal/daemon/controller/auth/option.go @@ -33,7 +33,6 @@ type options struct { withRecoveryTokenNotAllowed bool withAnonymousUserNotAllowed bool withResource *perms.Resource - withActions []string } func getDefaultOptions() options { @@ -100,10 +99,3 @@ func WithResource(resource *perms.Resource) Option { o.withResource = resource } } - -// WithActions specifies a list of actions in the request -func WithActions(actions []string) Option { - return func(o *options) { - o.withActions = actions - } -} diff --git a/internal/daemon/controller/auth/options_test.go b/internal/daemon/controller/auth/options_test.go index f111e036cb..7295c120f9 100644 --- a/internal/daemon/controller/auth/options_test.go +++ b/internal/daemon/controller/auth/options_test.go @@ -31,7 +31,6 @@ func Test_GetOpts(t *testing.T) { WithRecoveryTokenNotAllowed(true), WithAnonymousUserNotAllowed(true), WithResource(res), - WithActions([]string{"callback"}), ) exp := options{ withScopeId: "foo", @@ -44,7 +43,6 @@ func Test_GetOpts(t *testing.T) { withRecoveryTokenNotAllowed: true, withAnonymousUserNotAllowed: true, withResource: res, - withActions: []string{"callback"}, } assert.Equal(t, exp, opts) } diff --git a/internal/daemon/controller/auth/testing.go b/internal/daemon/controller/auth/testing.go index 0a9c52a75f..d112dcc8bb 100644 --- a/internal/daemon/controller/auth/testing.go +++ b/internal/daemon/controller/auth/testing.go @@ -26,7 +26,6 @@ func DisabledAuthTestContext(iamRepoFn common.IamRepoFactory, scopeId string, op if reqInfo.UserIdOverride == "" { reqInfo.UserIdOverride = globals.AnyAuthenticatedUserId } - reqInfo.Actions = opts.withActions requestContext := context.WithValue(context.Background(), requests.ContextRequestInformationKey, &requests.RequestContext{}) return NewVerifierContext(requestContext, iamRepoFn, nil, nil, opts.withKms, &reqInfo) } diff --git a/internal/daemon/controller/gateway.go b/internal/daemon/controller/gateway.go index c2bdfb7560..a7ad3a3eb1 100644 --- a/internal/daemon/controller/gateway.go +++ b/internal/daemon/controller/gateway.go @@ -65,7 +65,6 @@ func newGrpcGatewayMux() *runtime.ServeMux { }), runtime.WithErrorHandler(handlers.ErrorHandler()), runtime.WithForwardResponseOption(handlers.OutgoingResponseFilter), - runtime.WithDisablePathLengthFallback(), ) } diff --git a/internal/daemon/controller/gateway_test.go b/internal/daemon/controller/gateway_test.go index 0566a4d82d..caafe72652 100644 --- a/internal/daemon/controller/gateway_test.go +++ b/internal/daemon/controller/gateway_test.go @@ -4,12 +4,10 @@ package controller import ( - "bytes" "context" "fmt" "math" "net/http" - "net/http/httptest" "testing" "github.com/hashicorp/boundary/api/targets" @@ -94,33 +92,3 @@ func Test_correlationIdAnnotator(t *testing.T) { require.Len(t, corIds, 1) assert.Equal(t, corId, corIds[0]) } - -func Test_WithDisablePathLengthFallback(t *testing.T) { - ctx := context.Background() - reqPath := "/v1/example" - mux := newGrpcGatewayMux() - - assert.NotNil(t, mux) - - err := mux.HandlePath("GET", reqPath, func(w http.ResponseWriter, r *http.Request, pathParams map[string]string) { - _, _ = fmt.Fprintf(w, "%s", r.Method) - }) - assert.NoError(t, err) - - err = mux.HandlePath("POST", reqPath, func(w http.ResponseWriter, r *http.Request, pathParams map[string]string) { - _, _ = fmt.Fprintf(w, "%s", r.Method) - }) - assert.NoError(t, err) - - r, err := http.NewRequestWithContext(ctx, "POST", reqPath, bytes.NewReader(nil)) - assert.NoError(t, err) - - r.Header.Set("X-HTTP-Method-Override", "GET") - r.Header.Set("Content-Type", "application/x-www-form-urlencoded") - - w := httptest.NewRecorder() - mux.ServeHTTP(w, r) - - body := w.Body.String() - assert.Equal(t, "POST", body) -} diff --git a/internal/daemon/controller/handler.go b/internal/daemon/controller/handler.go index b220fc3079..a79ca11631 100644 --- a/internal/daemon/controller/handler.go +++ b/internal/daemon/controller/handler.go @@ -13,7 +13,6 @@ import ( "net/http" "net/textproto" "os" - "path" "strings" "time" @@ -499,7 +498,6 @@ func wrapHandlerWithCommonFuncs(h http.Handler, c *Controller, props HandlerProp requestInfo.EventId = info.EventId requestInfo.TraceId = info.Id requestInfo.ClientIp = info.ClientIp - requestInfo.Actions = getActions(info.Path) } else { w.WriteHeader(http.StatusInternalServerError) event.WriteError(ctx, op, errors.New("unable to read event request info from context")) @@ -651,7 +649,7 @@ func wrapHandlerWithCallbackInterceptor(h http.Handler, c *Controller) http.Hand return } - req.URL.Path = strings.TrimSuffix(req.URL.Path, ":"+auth.CallbackAction) + req.URL.Path = strings.TrimSuffix(req.URL.Path, ":callback") // How we get the parameters changes based on the method. Right now only // GET is supported with query args, but this can support POST with JSON @@ -739,19 +737,3 @@ func wrapHandlerWithCallbackInterceptor(h http.Handler, c *Controller) http.Hand h.ServeHTTP(w, req) }) } - -// getActions takes in a URL Path and returns the actions from the URL -func getActions(urlPath string) []string { - // Remove any query parameters - urlPath = strings.Split(urlPath, "?")[0] - - lastPart := path.Base(urlPath) - - _, rest, _ := strings.Cut(lastPart, ":") - if rest == "" { - return []string{} - } - - // Split the rest on ":", returning all actions and sub-actions - return strings.Split(rest, ":") -} diff --git a/internal/daemon/controller/handler_test.go b/internal/daemon/controller/handler_test.go index d2eb47e793..36e7721044 100644 --- a/internal/daemon/controller/handler_test.go +++ b/internal/daemon/controller/handler_test.go @@ -422,46 +422,3 @@ func TestStreamingResponse(t *testing.T) { require.True(t, string(read) == string(blob), "Got: %q", string(read)) require.Equal(t, i, n) } - -func TestGetActions(t *testing.T) { - testCases := []struct { - name string - url string - expected []string - }{ - { - name: "No actions", - url: "/v1/auth-methods/amoidc_1234567890", - expected: []string{}, - }, - { - name: "1 Action", - url: "/v1/auth-methods/amoidc_1234567890:authenticate", - expected: []string{"authenticate"}, - }, - { - name: "Multiple Actions", - url: "https://hello.com/v1/auth-methods/amoidc_1234567890:authenticate:callback", - expected: []string{"authenticate", "callback"}, - }, - { - name: "1 Action with query params", - url: "https://hello.com/v1/auth-methods/amoidc_1234567890:authenticate?state=foo&token=bar", - expected: []string{"authenticate"}, - }, - { - name: "Multiple Actions with query params", - url: "https://hello.com/v1/auth-methods/amoidc_1234567890:authenticate:callback?state=foo&token=bar", - expected: []string{"authenticate", "callback"}, - }, - } - - for _, tc := range testCases { - t.Run(tc.name, func(t *testing.T) { - require := require.New(t) - actions := getActions(tc.url) - fmt.Println("actions", len(actions)) - require.Equal(tc.expected, actions) - }) - } -} diff --git a/internal/daemon/controller/handlers/authmethods/authmethod_service.go b/internal/daemon/controller/handlers/authmethods/authmethod_service.go index 109868e324..b286f14a82 100644 --- a/internal/daemon/controller/handlers/authmethods/authmethod_service.go +++ b/internal/daemon/controller/handlers/authmethods/authmethod_service.go @@ -526,22 +526,21 @@ func (s Service) DeleteAuthMethod(ctx context.Context, req *pbs.DeleteAuthMethod // Authenticate implements the interface pbs.AuthenticationServiceServer. func (s Service) Authenticate(ctx context.Context, req *pbs.AuthenticateRequest) (*pbs.AuthenticateResponse, error) { const op = "authmethod_service.(Service).Authenticate" - if err := validateAuthenticateRequest(ctx, req); err != nil { return nil, err } switch globals.ResourceInfoFromPrefix(req.GetAuthMethodId()).Subtype { case password.Subtype: - if err := validateAuthenticatePasswordRequest(ctx, req); err != nil { + if err := validateAuthenticatePasswordRequest(req); err != nil { return nil, err } case oidc.Subtype: - if err := validateAuthenticateOidcRequest(ctx, req); err != nil { + if err := validateAuthenticateOidcRequest(req); err != nil { return nil, err } case ldap.Subtype: - if err := validateAuthenticateLdapRequest(ctx, req); err != nil { + if err := validateAuthenticateLdapRequest(req); err != nil { return nil, err } } diff --git a/internal/daemon/controller/handlers/authmethods/ldap.go b/internal/daemon/controller/handlers/authmethods/ldap.go index d320939885..72f12f3388 100644 --- a/internal/daemon/controller/handlers/authmethods/ldap.go +++ b/internal/daemon/controller/handlers/authmethods/ldap.go @@ -8,9 +8,7 @@ import ( "crypto/x509" "encoding/pem" "fmt" - "math" "net/url" - "strconv" "strings" "github.com/hashicorp/boundary/internal/auth/ldap" @@ -298,12 +296,6 @@ func validateLdapAttributes(ctx context.Context, attrs *pb.LdapAuthMethodAttribu if u.Scheme != "ldap" && u.Scheme != "ldaps" { badUrlMsgs = append(badUrlMsgs, fmt.Sprintf("%s scheme in url %q is not either ldap or ldaps", u.Scheme, u.String())) } - if u.Port() != "" { - port, err := strconv.Atoi(u.Port()) - if err != nil || port > math.MaxUint16 { - badUrlMsgs = append(badUrlMsgs, fmt.Sprintf("port %s in url %s is not valid", u.Port(), u.String())) - } - } } if len(badUrlMsgs) > 0 { badFields[urlsField] = strings.Join(badUrlMsgs, " / ") @@ -348,22 +340,9 @@ func validateLdapAttributes(ctx context.Context, attrs *pb.LdapAuthMethodAttribu } } -func validateAuthenticateLdapRequest(ctx context.Context, req *pbs.AuthenticateRequest) error { - const op = "authmethods.(Service).validateAuthenticateLdapRequest" +func validateAuthenticateLdapRequest(req *pbs.AuthenticateRequest) error { badFields := make(map[string]string) - requestInfo, ok := auth.GetRequestInfo(ctx) - if !ok { - return errors.New(ctx, errors.Internal, op, "no request info found") - } - - for _, action := range requestInfo.Actions { - switch action { - case auth.CallbackAction: - badFields["request_path"] = "callback is not a valid action for this auth method." - } - } - attrs := req.GetLdapLoginAttributes() switch { case attrs == nil: diff --git a/internal/daemon/controller/handlers/authmethods/ldap_test.go b/internal/daemon/controller/handlers/authmethods/ldap_test.go index c8692918c7..baf7e5c5cf 100644 --- a/internal/daemon/controller/handlers/authmethods/ldap_test.go +++ b/internal/daemon/controller/handlers/authmethods/ldap_test.go @@ -821,56 +821,6 @@ func Test_UpdateLdap(t *testing.T) { err: handlers.ApiErrorWithCode(codes.NotFound), errContains: "no changes were made to the existing AuthMethod", }, - { - name: "valid-port-number", - req: &pbs.UpdateAuthMethodRequest{ - UpdateMask: &field_mask.FieldMask{ - Paths: []string{"attributes.urls"}, - }, - Item: &pb.AuthMethod{ - Attrs: &pb.AuthMethod_LdapAuthMethodsAttributes{ - LdapAuthMethodsAttributes: &pb.LdapAuthMethodAttributes{ - Urls: []string{"ldaps://ldap2:8156"}, - }, - }, - }, - }, - res: &pbs.UpdateAuthMethodResponse{ - Item: &pb.AuthMethod{ - ScopeId: o.GetPublicId(), - Version: 2, - Name: &wrapperspb.StringValue{Value: "default"}, - Description: &wrapperspb.StringValue{Value: "default"}, - Type: ldap.Subtype.String(), - Attrs: &pb.AuthMethod_LdapAuthMethodsAttributes{ - LdapAuthMethodsAttributes: &pb.LdapAuthMethodAttributes{ - Urls: []string{"ldaps://ldap2:8156"}, - State: "active-private", - }, - }, - Scope: defaultScopeInfo, - AuthorizedActions: ldapAuthorizedActions, - AuthorizedCollectionActions: authorizedCollectionActions, - }, - }, - }, - { - name: "invalid-port-number", - req: &pbs.UpdateAuthMethodRequest{ - UpdateMask: &field_mask.FieldMask{ - Paths: []string{"attributes.urls"}, - }, - Item: &pb.AuthMethod{ - Attrs: &pb.AuthMethod_LdapAuthMethodsAttributes{ - LdapAuthMethodsAttributes: &pb.LdapAuthMethodAttributes{ - Urls: []string{"ldaps://ldap2:9999999"}, - }, - }, - }, - }, - err: handlers.ApiErrorWithCode(codes.InvalidArgument), - errContains: "port 9999999 in url ldaps://ldap2:9999999 is not valid", - }, } for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { @@ -1019,7 +969,6 @@ func TestAuthenticate_Ldap(t *testing.T) { name string acctId string request *pbs.AuthenticateRequest - actions []string wantType string wantGroups []string wantErr error @@ -1147,24 +1096,6 @@ func TestAuthenticate_Ldap(t *testing.T) { wantErr: handlers.ApiErrorWithCode(codes.InvalidArgument), wantErrContains: `Details: {{name: "attributes", desc: "This is a required field."}}`, }, - { - name: "with-callback-action", - acctId: testAcct.PublicId, - actions: []string{"callback"}, - request: &pbs.AuthenticateRequest{ - AuthMethodId: testAm.GetPublicId(), - TokenType: "token", - Attrs: &pbs.AuthenticateRequest_LdapLoginAttributes{ - LdapLoginAttributes: &pbs.LdapLoginAttributes{ - LoginName: testLoginName, - Password: testPassword, - }, - }, - }, - wantGroups: []string{testManagedGrp.PublicId}, - wantErr: handlers.ApiErrorWithCode(codes.InvalidArgument), - wantErrContains: `Details: {{name: "request_path", desc: "callback is not a valid action for this auth method."}}`, - }, } for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { @@ -1172,7 +1103,7 @@ func TestAuthenticate_Ldap(t *testing.T) { s, err := authmethods.NewService(testCtx, testKms, pwRepoFn, oidcRepoFn, iamRepoFn, atRepoFn, ldapRepoFn, authMethodRepoFn, 1000) require.NoError(err) - resp, err := s.Authenticate(auth.DisabledAuthTestContext(iamRepoFn, o.GetPublicId(), auth.WithActions(tc.actions)), tc.request) + resp, err := s.Authenticate(auth.DisabledAuthTestContext(iamRepoFn, o.GetPublicId()), tc.request) if tc.wantErr != nil { assert.Error(err) assert.Truef(errors.Is(err, tc.wantErr), "Got %#v, wanted %#v", err, tc.wantErr) diff --git a/internal/daemon/controller/handlers/authmethods/oidc.go b/internal/daemon/controller/handlers/authmethods/oidc.go index 919aef62ed..853fc743b9 100644 --- a/internal/daemon/controller/handlers/authmethods/oidc.go +++ b/internal/daemon/controller/handlers/authmethods/oidc.go @@ -332,7 +332,7 @@ func (s Service) authenticateOidcToken(ctx context.Context, req *pbs.Authenticat return s.convertToAuthenticateResponse(ctx, req, authResults, responseToken) } -func validateAuthenticateOidcRequest(_ context.Context, req *pbs.AuthenticateRequest) error { +func validateAuthenticateOidcRequest(req *pbs.AuthenticateRequest) error { badFields := make(map[string]string) switch req.GetCommand() { diff --git a/internal/daemon/controller/handlers/authmethods/password.go b/internal/daemon/controller/handlers/authmethods/password.go index 4462f1a1fa..38fda9178c 100644 --- a/internal/daemon/controller/handlers/authmethods/password.go +++ b/internal/daemon/controller/handlers/authmethods/password.go @@ -143,22 +143,9 @@ func (s Service) authenticateWithPwRepo(ctx context.Context, scopeId, authMethod ) } -func validateAuthenticatePasswordRequest(ctx context.Context, req *pbs.AuthenticateRequest) error { - const op = "authmethods.(Service).validateAuthenticatePasswordRequest" +func validateAuthenticatePasswordRequest(req *pbs.AuthenticateRequest) error { badFields := make(map[string]string) - requestInfo, ok := auth.GetRequestInfo(ctx) - if !ok { - return errors.New(ctx, errors.Internal, op, "no request info found") - } - - for _, action := range requestInfo.Actions { - switch action { - case auth.CallbackAction: - badFields["request_path"] = "callback is not a valid action for this auth method." - } - } - attrs := req.GetPasswordLoginAttributes() switch { case attrs == nil: diff --git a/internal/daemon/controller/handlers/authmethods/password_test.go b/internal/daemon/controller/handlers/authmethods/password_test.go index efb7410ff6..fda36166c5 100644 --- a/internal/daemon/controller/handlers/authmethods/password_test.go +++ b/internal/daemon/controller/handlers/authmethods/password_test.go @@ -546,7 +546,6 @@ func TestAuthenticate_Password(t *testing.T) { cases := []struct { name string request *pbs.AuthenticateRequest - actions []string wantType string wantErr error wantErrContains string @@ -655,22 +654,6 @@ func TestAuthenticate_Password(t *testing.T) { wantErr: handlers.ApiErrorWithCode(codes.InvalidArgument), wantErrContains: `Details: {{name: "attributes", desc: "This is a required field."}}`, }, - { - name: "with-callback-action", - actions: []string{"callback"}, - request: &pbs.AuthenticateRequest{ - AuthMethodId: am.GetPublicId(), - TokenType: "token", - Attrs: &pbs.AuthenticateRequest_PasswordLoginAttributes{ - PasswordLoginAttributes: &pbs.PasswordLoginAttributes{ - LoginName: testLoginName, - Password: testPassword, - }, - }, - }, - wantErr: handlers.ApiErrorWithCode(codes.InvalidArgument), - wantErrContains: `Details: {{name: "request_path", desc: "callback is not a valid action for this auth method."}}`, - }, } for _, tc := range cases { @@ -679,7 +662,7 @@ func TestAuthenticate_Password(t *testing.T) { s, err := authmethods.NewService(ctx, kms, pwRepoFn, oidcRepoFn, iamRepoFn, atRepoFn, ldapRepoFn, authMethodRepoFn, 1000) require.NoError(err) - resp, err := s.Authenticate(auth.DisabledAuthTestContext(iamRepoFn, o.GetPublicId(), auth.WithActions(tc.actions)), tc.request) + resp, err := s.Authenticate(auth.DisabledAuthTestContext(iamRepoFn, o.GetPublicId()), tc.request) if tc.wantErr != nil { assert.Error(err) assert.Truef(errors.Is(err, tc.wantErr), "Got %#v, wanted %#v", err, tc.wantErr) diff --git a/internal/daemon/controller/interceptor.go b/internal/daemon/controller/interceptor.go index 5a62ab1290..f4c46a1f13 100644 --- a/internal/daemon/controller/interceptor.go +++ b/internal/daemon/controller/interceptor.go @@ -5,7 +5,6 @@ package controller import ( "context" - "crypto/subtle" "fmt" "net/http" "reflect" @@ -243,7 +242,7 @@ func sharedRequestInterceptorLogic( switch { case requestInfo.Ticket == "": return nil, errors.New(interceptorCtx, errors.Internal, op, "Invalid context (missing ticket)") - case subtle.ConstantTimeCompare([]byte(requestInfo.Ticket), []byte(ticket)) != 1: + case requestInfo.Ticket != ticket: return nil, errors.New(interceptorCtx, errors.Internal, op, "Invalid context (bad ticket)") } diff --git a/internal/daemon/controller/testing.go b/internal/daemon/controller/testing.go index 41dc57d2ba..c647d65258 100644 --- a/internal/daemon/controller/testing.go +++ b/internal/daemon/controller/testing.go @@ -937,7 +937,7 @@ func (tc *TestController) WaitForNextWorkerStatusUpdate(workerStatusName string) break } - if waitStatusCurrent.After(waitStatusStart) { + if waitStatusCurrent.Sub(waitStatusStart) > 0 { break } } diff --git a/internal/daemon/worker/status.go b/internal/daemon/worker/status.go index dbddbc8b2b..64453f99a7 100644 --- a/internal/daemon/worker/status.go +++ b/internal/daemon/worker/status.go @@ -106,7 +106,7 @@ func (w *Worker) WaitForNextSuccessfulStatusUpdate() error { return ctx.Err() } - if w.lastSuccessfulStatusTime().After(waitStatusStart) { + if w.lastSuccessfulStatusTime().Sub(waitStatusStart) > 0 { break } } diff --git a/internal/daemon/worker/worker.go b/internal/daemon/worker/worker.go index a403188aeb..febee37447 100644 --- a/internal/daemon/worker/worker.go +++ b/internal/daemon/worker/worker.go @@ -733,7 +733,7 @@ func (w *Worker) Shutdown() error { break } - if w.lastSuccessfulStatusTime().After(waitStatusStart) { + if w.lastSuccessfulStatusTime().Sub(waitStatusStart) > 0 { break } diff --git a/internal/db/sqltest/Makefile b/internal/db/sqltest/Makefile index 3633401728..ee5868db77 100644 --- a/internal/db/sqltest/Makefile +++ b/internal/db/sqltest/Makefile @@ -37,7 +37,6 @@ TESTS ?= tests/setup/*.sql \ tests/purge/*.sql \ tests/pagination/*.sql \ tests/policy/*.sql \ - tests/host/*.sql \ tests/server/*.sql POSTGRES_DOCKER_IMAGE_BASE ?= postgres diff --git a/internal/db/sqltest/tests/history/static_host_ipv6.sql b/internal/db/sqltest/tests/history/static_host_ipv6.sql deleted file mode 100644 index 9adff0bf76..0000000000 --- a/internal/db/sqltest/tests/history/static_host_ipv6.sql +++ /dev/null @@ -1,42 +0,0 @@ --- Copyright (c) HashiCorp, Inc. --- SPDX-License-Identifier: BUSL-1.1 - -begin; - - select plan(4); -- the number of `is` calls - - -- short form ipv6 - - insert into static_host_hst - ( catalog_id, public_id, address) - values - ('hc__st_____b', 'h___st____bx', '2001:4860:4860::8888'); - - select is(count(*), 1::bigint) from static_host_hst - where address = '2001:4860:4860::8888'; - - update static_host_hst - set address = '2001:4860:4860::8844' - where public_id = 'h___st____bx'; - - select is(count(*), 1::bigint) from static_host_hst - where address = '2001:4860:4860::8844'; - - -- explicit form ipv6 - - insert into static_host_hst - ( catalog_id, public_id, address) - values - ('hc__st_____b', 'h___st____by', '2001:4860:4860:0:0:0:0:8888'); - - select is(count(*), 1::bigint) from static_host_hst - where address = '2001:4860:4860:0:0:0:0:8888'; - - update static_host_hst - set address = '2001:4860:4860:0:0:0:0:8844' - where public_id = 'h___st____by'; - - select is(count(*), 1::bigint) from static_host_hst - where address = '2001:4860:4860:0:0:0:0:8844'; - -rollback; diff --git a/internal/db/sqltest/tests/host/static_host_ipv6.sql b/internal/db/sqltest/tests/host/static_host_ipv6.sql deleted file mode 100644 index e519042e42..0000000000 --- a/internal/db/sqltest/tests/host/static_host_ipv6.sql +++ /dev/null @@ -1,42 +0,0 @@ --- Copyright (c) HashiCorp, Inc. --- SPDX-License-Identifier: BUSL-1.1 - -begin; - - select plan(4); -- the number of `is` calls - - -- short form ipv6 - - insert into static_host - ( catalog_id, public_id, address) - values - ('hc__st_____b', 'h___st____bx', '2001:4860:4860::8888'); - - select is(count(*), 1::bigint) from static_host - where address = '2001:4860:4860::8888'; - - update static_host - set address = '2001:4860:4860::8844' - where public_id = 'h___st____bx'; - - select is(count(*), 1::bigint) from static_host - where address = '2001:4860:4860::8844'; - - -- explicit form ipv6 - - insert into static_host - ( catalog_id, public_id, address) - values - ('hc__st_____b', 'h___st____by', '2001:4860:4860:0:0:0:0:8888'); - - select is(count(*), 1::bigint) from static_host - where address = '2001:4860:4860:0:0:0:0:8888'; - - update static_host - set address = '2001:4860:4860:0:0:0:0:8844' - where public_id = 'h___st____by'; - - select is(count(*), 1::bigint) from static_host - where address = '2001:4860:4860:0:0:0:0:8844'; - -rollback; diff --git a/internal/db/sqltest/tests/server/ipv6.sql b/internal/db/sqltest/tests/server/ipv6.sql deleted file mode 100644 index 5fcbfd637f..0000000000 --- a/internal/db/sqltest/tests/server/ipv6.sql +++ /dev/null @@ -1,76 +0,0 @@ --- Copyright (c) HashiCorp, Inc. --- SPDX-License-Identifier: BUSL-1.1 - -begin; - - select plan(8); -- the number of `is` calls - - -- short form ipv6 - - insert into server_controller - ( private_id, address) - values - ('test-controller-1', '2001:4860:4860::8888'); - - select is(count(*), 1::bigint) from server_controller - where address = '2001:4860:4860::8888'; - - update server_controller - set address = '2001:4860:4860::8844' - where private_id = 'test-controller-1'; - - select is(count(*), 1::bigint) from server_controller - where address = '2001:4860:4860::8844'; - - -- worker - - insert into server_worker - ( public_id, scope_id, type, last_status_time, address) - values - ('w_________1', 'global', 'pki', now(), '2001:4860:4860::8888'); - - select is(count(*), 1::bigint) from server_worker - where address = '2001:4860:4860::8888'; - - update server_worker - set address = '2001:4860:4860::8844' - where public_id = 'w_________1'; - - select is(count(*), 1::bigint) from server_worker - where address = '2001:4860:4860::8844'; - - -- explicit form ipv6 - - insert into server_controller - ( private_id, address) - values - ('test-controller-2', '2001:4860:4860:0:0:0:0:8888'); - - select is(count(*), 1::bigint) from server_controller - where address = '2001:4860:4860:0:0:0:0:8888'; - - update server_controller - set address = '2001:4860:4860:0:0:0:0:8844' - where private_id = 'test-controller-2'; - - select is(count(*), 1::bigint) from server_controller - where address = '2001:4860:4860:0:0:0:0:8844'; - - -- worker - - insert into server_worker - ( public_id, scope_id, type, last_status_time, address) - values - ('w_________2', 'global', 'pki', now(), '2001:4860:4860:0:0:0:0:8888'); - - select is(count(*), 1::bigint) from server_worker - where address = '2001:4860:4860:0:0:0:0:8888'; - - update server_worker - set address = '2001:4860:4860:0:0:0:0:8844' - where public_id = 'w_________2'; - - select is(count(*), 1::bigint) from server_worker - where address = '2001:4860:4860:0:0:0:0:8844'; - -rollback; diff --git a/internal/db/sqltest/tests/session/session_connection_ipv6.sql b/internal/db/sqltest/tests/session/session_connection_ipv6.sql deleted file mode 100644 index 888173e9c3..0000000000 --- a/internal/db/sqltest/tests/session/session_connection_ipv6.sql +++ /dev/null @@ -1,73 +0,0 @@ --- Copyright (c) HashiCorp, Inc. --- SPDX-License-Identifier: BUSL-1.1 - -begin; - - select plan(12); -- the number of `is` calls - - -- short form ipv6 - - insert into session_connection - ( public_id, session_id, client_tcp_address, endpoint_tcp_address, user_client_ip) - values - ('sc_________1', 's1_____clare', '2001:4860:4860::8888', '2001:4860:4860::8888', '2001:4860:4860::8888'); - - select is(count(*), 1::bigint) from session_connection - where client_tcp_address = '2001:4860:4860::8888'; - - select is(count(*), 1::bigint) from session_connection - where endpoint_tcp_address = '2001:4860:4860::8888'; - - select is(count(*), 1::bigint) from session_connection - where user_client_ip = '2001:4860:4860::8888'; - - update session_connection - set client_tcp_address = '2001:4860:4860::8844', - endpoint_tcp_address = '2001:4860:4860::8844', - user_client_ip = '2001:4860:4860::8844' - where public_id = 'sc_________1'; - - select is(count(*), 1::bigint) from session_connection - where client_tcp_address = '2001:4860:4860::8844'; - - select is(count(*), 1::bigint) from session_connection - where endpoint_tcp_address = '2001:4860:4860::8844'; - - select is(count(*), 1::bigint) from session_connection - where user_client_ip = '2001:4860:4860::8844'; - - -- explicit form ipv6 - - insert into session_connection - ( public_id, session_id, client_tcp_address, endpoint_tcp_address, user_client_ip) - values - ('sc_________2', 's2_____clare', '2001:4860:4860:0:0:0:0:8888', '2001:4860:4860:0:0:0:0:8888', '2001:4860:4860:0:0:0:0:8888'); - - select is(count(*), 1::bigint) from session_connection - where client_tcp_address = '2001:4860:4860:0:0:0:0:8888'; - - select is(count(*), 1::bigint) from session_connection - where endpoint_tcp_address = '2001:4860:4860:0:0:0:0:8888'; - - select is(count(*), 1::bigint) from session_connection - where user_client_ip = '2001:4860:4860:0:0:0:0:8888'; - - update session_connection - set client_tcp_address = '2001:4860:4860:0:0:0:0:8844', - endpoint_tcp_address = '2001:4860:4860:0:0:0:0:8844', - user_client_ip = '2001:4860:4860:0:0:0:0:8844' - where public_id = 'sc_________2'; - - -- since the col type is inet, postgres actually knows that 2001:4860:4860:0:0:0:0:8844 is - -- equivalent to 2001:4860:4860::8844 from above, meaning these selects return 2 results - - select is(count(*), 2::bigint) from session_connection - where client_tcp_address = '2001:4860:4860:0:0:0:0:8844'; - - select is(count(*), 2::bigint) from session_connection - where endpoint_tcp_address = '2001:4860:4860:0:0:0:0:8844'; - - select is(count(*), 2::bigint) from session_connection - where user_client_ip = '2001:4860:4860:0:0:0:0:8844'; - -rollback; diff --git a/internal/db/sqltest/tests/wh/session_connection/ipv6.sql b/internal/db/sqltest/tests/wh/session_connection/ipv6.sql deleted file mode 100644 index 971d5e745e..0000000000 --- a/internal/db/sqltest/tests/wh/session_connection/ipv6.sql +++ /dev/null @@ -1,61 +0,0 @@ --- Copyright (c) HashiCorp, Inc. --- SPDX-License-Identifier: BUSL-1.1 - -begin; - - select plan(8); -- the number of `is` calls - - -- short form ipv6 - - insert into session_connection - ( public_id, session_id, client_tcp_address, endpoint_tcp_address, user_client_ip) - values - ('sc_________1', 's1_____clare', '2001:4860:4860::8888', '2001:4860:4860::8888', '2001:4860:4860::8888'); - - select is(count(*), 1::bigint) from wh_session_connection_accumulating_fact - where client_tcp_address = '2001:4860:4860::8888'; - - select is(count(*), 1::bigint) from wh_session_connection_accumulating_fact - where endpoint_tcp_address = '2001:4860:4860::8888'; - - update session_connection - set client_tcp_address = '2001:4860:4860::8844', - endpoint_tcp_address = '2001:4860:4860::8844', - user_client_ip = '2001:4860:4860::8844' - where public_id = 'sc_________1'; - - select is(count(*), 1::bigint) from wh_session_connection_accumulating_fact - where client_tcp_address = '2001:4860:4860::8844'; - - select is(count(*), 1::bigint) from wh_session_connection_accumulating_fact - where endpoint_tcp_address = '2001:4860:4860::8844'; - - -- explicit form ipv6 - - insert into session_connection - ( public_id, session_id, client_tcp_address, endpoint_tcp_address, user_client_ip) - values - ('sc_________2', 's2_____clare', '2001:4860:4860:0:0:0:0:8888', '2001:4860:4860:0:0:0:0:8888', '2001:4860:4860:0:0:0:0:8888'); - - select is(count(*), 1::bigint) from wh_session_connection_accumulating_fact - where client_tcp_address = '2001:4860:4860:0:0:0:0:8888'; - - select is(count(*), 1::bigint) from wh_session_connection_accumulating_fact - where endpoint_tcp_address = '2001:4860:4860:0:0:0:0:8888'; - - update session_connection - set client_tcp_address = '2001:4860:4860:0:0:0:0:8844', - endpoint_tcp_address = '2001:4860:4860:0:0:0:0:8844', - user_client_ip = '2001:4860:4860:0:0:0:0:8844' - where public_id = 'sc_________2'; - - -- since the col type is inet, postgres actually knows that 2001:4860:4860:0:0:0:0:8844 is - -- equivalent to 2001:4860:4860::8844 from above, meaning these selects return 2 results - - select is(count(*), 2::bigint) from wh_session_connection_accumulating_fact - where client_tcp_address = '2001:4860:4860:0:0:0:0:8844'; - - select is(count(*), 2::bigint) from wh_session_connection_accumulating_fact - where endpoint_tcp_address = '2001:4860:4860:0:0:0:0:8844'; - -rollback; diff --git a/internal/event/cloudevents_formatter_node_test.go b/internal/event/cloudevents_formatter_node_test.go index e96101af9e..1e7107abac 100644 --- a/internal/event/cloudevents_formatter_node_test.go +++ b/internal/event/cloudevents_formatter_node_test.go @@ -20,7 +20,7 @@ import ( func Test_newCloudEventsFormatterFilter(t *testing.T) { t.Parallel() - testSource, err := url.Parse("https://[::1]:9200") + testSource, err := url.Parse("https://localhost:9200") require.NoError(t, err) tests := []struct { name string @@ -152,7 +152,7 @@ func Test_newCloudEventsFormatterFilter(t *testing.T) { func TestNode_Process(t *testing.T) { t.Parallel() ctx := context.Background() - testUrl, err := url.Parse("https://[::1]") + testUrl, err := url.Parse("https://localhost") require.NoError(t, err) now := time.Now() @@ -294,12 +294,12 @@ func TestNode_Process(t *testing.T) { }, wantText: `{ "id": "%s", - "source": "https://[::1]", + "source": "https://localhost", "specversion": "1.0", "type": "test", "data": "test-string", "datacontentype": "text/plain", - "dataschema": "https://[::1]", + "dataschema": "https://localhost", "time": %s } `, diff --git a/internal/gen/controller.swagger.json b/internal/gen/controller.swagger.json index 06563206f9..40e694ab4a 100644 --- a/internal/gen/controller.swagger.json +++ b/internal/gen/controller.swagger.json @@ -3,7 +3,7 @@ "info": { "title": "Boundary controller HTTP API", "description": "Welcome to the Boundary controller HTTP API documentation. This page provides a reference guide for using the Boundary controller API, a JSON-based HTTP API. The API implements commonly seen HTTP API patterns for status codes, paths, and errors. See the [API overview](https://developer.hashicorp.com/boundary/docs/api-clients/api) for more information.\n\nBefore you read this page, it is useful to understand Boundary's [domain model](https://developer.hashicorp.com/boundary/docs/concepts/domain-model) and to be aware of the terminology used here. To get started, search for the service you want to interact with in the sidebar to the left. Each resource in Boundary, such as accounts and credential stores, has its own service. Each service contains all the API endpoints for the resource.\n## Status codes\n- `2XX`: Boundary returns a code between `200` and `299` on success. Generally this is `200`, but implementations should be prepared to accept any `2XX` status code as indicating success. If a call returns a `2XX` code that is not `200`, it follows well-understood semantics for those status codes.\n- `400`: Boundary returns `400` when a command cannot be completed due to invalid user input, except for a properly-formatted identifier that does not map to an existing resource, which returns a `404` as discussed below.\n- `401`: Boundary returns `401` if no authentication token is provided or if the provided token is invalid. A valid token that simply does not have permission for a resource returns a `403` instead. A token that is invalid or missing, but where the anonymous user (`u_anon`) is able to successfully perform the action, will not return a `401` but instead will return the result of the action.\n- `403`: Boundary returns `403` if a provided token was valid but does not have the grants required to perform the requested action.\n- `404`: Boundary returns `404` if a resource cannot be found. Note that this happens _prior_ to authentication/authorization checking in nearly all cases as the resource information (such as its scope, available actions, etc.) is a required part of that check. As a result, an action against a resource that does not exist returns a `404` instead of a `401` or `403`. While this could be considered an information leak, since IDs are randomly generated and this only discloses whether an ID is valid, it's tolerable as it allows for far simpler and more robust client implementation.\n- `405`: Boundary returns a `405` to indicate that the method (HTTP verb or custom action) is not implemented for the given resource.\n- `429`: Boundary returns a `429` if any of the API rate limit quotas have been exhausted for the resource and action. It includes the `Retry-After` header so that the client knows how long to wait before making a new request.\n- `500`: Boundary returns `500` if an error occurred that is not (directly) tied to invalid user input. If a `500` is generated, information about the error is logged to Boundary's server log but is not generally provided to the client.\n- `503`: Boundary returns a `503` if it is unable to store a quota due to the API rate limit being exceeded. It includes the `Retry-After` header so that the client knows how long to wait before making a new request.\n## List pagination\nBoundary uses [API pagination](https://developer.hashicorp.com/boundary/docs/api-clients/api/pagination) to support searching and filtering large lists of results efficiently.", - "version": "0.17.0", + "version": "0.17.2", "contact": { "name": "HashiCorp Boundary", "url": "https://www.boundaryproject.io/" diff --git a/internal/gen/controller/auth/auth.pb.go b/internal/gen/controller/auth/auth.pb.go index 5809d466c0..f36bceaba6 100644 --- a/internal/gen/controller/auth/auth.pb.go +++ b/internal/gen/controller/auth/auth.pb.go @@ -58,8 +58,6 @@ type RequestInfo struct { EventId string `protobuf:"bytes,130,opt,name=event_id,json=eventId,proto3" json:"event_id,omitempty"` // the client ip for the request ClientIp string `protobuf:"bytes,140,opt,name=client_ip,json=clientIp,proto3" json:"client_ip,omitempty"` - // url actions from the request path - Actions []string `protobuf:"bytes,141,rep,name=actions,proto3" json:"actions,omitempty"` } func (x *RequestInfo) Reset() { @@ -192,20 +190,13 @@ func (x *RequestInfo) GetClientIp() string { return "" } -func (x *RequestInfo) GetActions() []string { - if x != nil { - return x.Actions - } - return nil -} - var File_controller_auth_v1_auth_proto protoreflect.FileDescriptor var file_controller_auth_v1_auth_proto_rawDesc = []byte{ 0x0a, 0x1d, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x76, 0x31, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2e, 0x61, 0x75, 0x74, 0x68, - 0x2e, 0x76, 0x31, 0x22, 0x80, 0x04, 0x0a, 0x0b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x49, + 0x2e, 0x76, 0x31, 0x22, 0xe5, 0x03, 0x0a, 0x0b, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, 0x16, 0x0a, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x18, 0x14, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, @@ -235,14 +226,12 @@ var file_controller_auth_v1_auth_proto_rawDesc = []byte{ 0x64, 0x12, 0x1a, 0x0a, 0x08, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64, 0x18, 0x82, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x49, 0x64, 0x12, 0x1c, 0x0a, 0x09, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x70, 0x18, 0x8c, 0x01, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x08, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x49, 0x70, 0x12, 0x19, 0x0a, 0x07, 0x61, - 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x8d, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x07, 0x61, - 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x42, 0x41, 0x5a, 0x3f, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, - 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2f, 0x62, - 0x6f, 0x75, 0x6e, 0x64, 0x61, 0x72, 0x79, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, - 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x2f, - 0x61, 0x75, 0x74, 0x68, 0x3b, 0x61, 0x75, 0x74, 0x68, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, - 0x33, + 0x09, 0x52, 0x08, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x49, 0x70, 0x42, 0x41, 0x5a, 0x3f, 0x67, + 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, + 0x6f, 0x72, 0x70, 0x2f, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x61, 0x72, 0x79, 0x2f, 0x69, 0x6e, 0x74, + 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, + 0x6c, 0x6c, 0x65, 0x72, 0x2f, 0x61, 0x75, 0x74, 0x68, 0x3b, 0x61, 0x75, 0x74, 0x68, 0x62, 0x06, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/internal/host/plugin/job_set_sync_test.go b/internal/host/plugin/job_set_sync_test.go index 79021757b6..990367fe74 100644 --- a/internal/host/plugin/job_set_sync_test.go +++ b/internal/host/plugin/job_set_sync_test.go @@ -6,7 +6,6 @@ package plugin import ( "context" "fmt" - "net" "testing" "time" @@ -199,7 +198,7 @@ func TestSetSyncJob_Run(t *testing.T) { Hosts: []*plgpb.ListHostsResponseHost{ { ExternalId: "first", - IpAddresses: []string{fmt.Sprintf("10.0.0.%d", *counter), testGetIpv6Address(t)}, + IpAddresses: []string{fmt.Sprintf("10.0.0.%d", *counter)}, DnsNames: []string{"foo.com"}, SetIds: setIds, }, @@ -226,13 +225,6 @@ func TestSetSyncJob_Run(t *testing.T) { assert.Len(hosts, 1) for _, host := range hosts { assert.Equal(uint32(1), host.Version) - require.Len(host.IpAddresses, 2) - ipv4 := net.ParseIP(host.IpAddresses[0]) - require.NotNil(ipv4) - require.NotNil(ipv4.To4()) - ipv6 := net.ParseIP(host.IpAddresses[1]) - require.NotNil(ipv6) - require.NotNil(ipv6.To16()) } require.NoError(rw.LookupByPublicId(ctx, hsa)) diff --git a/internal/host/plugin/repository_host_test.go b/internal/host/plugin/repository_host_test.go index cc9468cd0a..e2caef7f2c 100644 --- a/internal/host/plugin/repository_host_test.go +++ b/internal/host/plugin/repository_host_test.go @@ -163,7 +163,7 @@ func TestJob_UpsertHosts(t *testing.T) { in: func() *input { ph := phs[1] e := exp[1] - newIp := testGetIpv4Address(t) + newIp := testGetIpAddress(t) newName := testGetDnsName(t) ph.IpAddresses = append(ph.IpAddresses, newIp) e.IpAddresses = append(e.IpAddresses, newIp) diff --git a/internal/host/plugin/testing.go b/internal/host/plugin/testing.go index d4f1b41b87..3b1559415a 100644 --- a/internal/host/plugin/testing.go +++ b/internal/host/plugin/testing.go @@ -165,8 +165,7 @@ func TestExternalHosts(t testing.TB, catalog *HostCatalog, setIds []string, coun externalId, err := base62.Random(10) require.NoError(err) - ipv4Str := testGetIpv4Address(t) - ipv6Str := testGetIpv6Address(t) + ipStr := testGetIpAddress(t) dnsName := testGetDnsName(t) rh := &plgpb.ListHostsResponseHost{ @@ -174,7 +173,7 @@ func TestExternalHosts(t testing.TB, catalog *HostCatalog, setIds []string, coun Name: base62.MustRandom(10), Description: base62.MustRandom(10), SetIds: setIds[0 : i+1], - IpAddresses: []string{ipv4Str, ipv6Str}, + IpAddresses: []string{ipStr}, DnsNames: []string{dnsName}, } retRH = append(retRH, rh) @@ -191,7 +190,7 @@ func TestExternalHosts(t testing.TB, catalog *HostCatalog, setIds []string, coun CatalogId: catalog.PublicId, PublicId: publicId, ExternalId: externalId, - IpAddresses: []string{ipv4Str, ipv6Str}, + IpAddresses: []string{ipStr}, DnsNames: []string{dnsName}, Version: 1, }, @@ -218,7 +217,7 @@ func testGetDnsName(t testing.TB) string { return fmt.Sprintf("%s.example.com", dnsName) } -func testGetIpv4Address(t testing.TB) string { +func testGetIpAddress(t testing.TB) string { ipBytes := make([]byte, 4) for { lr := io.LimitReader(rand.Reader, 4) @@ -232,18 +231,3 @@ func testGetIpv4Address(t testing.TB) string { } } } - -func testGetIpv6Address(t testing.TB) string { - ipBytes := make([]byte, 16) - for { - lr := io.LimitReader(rand.Reader, 16) - n, err := lr.Read(ipBytes) - require.NoError(t, err) - require.Equal(t, n, 16) - ip := net.IP(ipBytes) - v6 := ip.To16() - if v6 != nil { - return v6.String() - } - } -} diff --git a/internal/host/static/repository_host_test.go b/internal/host/static/repository_host_test.go index 88056ba1c2..aee131d18e 100644 --- a/internal/host/static/repository_host_test.go +++ b/internal/host/static/repository_host_test.go @@ -70,7 +70,7 @@ func TestRepository_CreateHost(t *testing.T) { wantIsErr: errors.InvalidParameter, }, { - name: "valid-ipv4-address", + name: "valid-no-options", in: &Host{ Host: &store.Host{ CatalogId: catalog.PublicId, @@ -84,36 +84,6 @@ func TestRepository_CreateHost(t *testing.T) { }, }, }, - { - name: "valid-abbreviated-ipv6-address", - in: &Host{ - Host: &store.Host{ - CatalogId: catalog.PublicId, - Address: "2001:4860:4860::8888", - }, - }, - want: &Host{ - Host: &store.Host{ - CatalogId: catalog.PublicId, - Address: "2001:4860:4860::8888", - }, - }, - }, - { - name: "valid-ipv6-address", - in: &Host{ - Host: &store.Host{ - CatalogId: catalog.PublicId, - Address: "2001:4860:4860:0:0:0:0:8888", - }, - }, - want: &Host{ - Host: &store.Host{ - CatalogId: catalog.PublicId, - Address: "2001:4860:4860:0:0:0:0:8888", - }, - }, - }, { name: "valid-with-name", in: &Host{ @@ -575,7 +545,7 @@ func TestRepository_UpdateHost(t *testing.T) { wantCount: 1, }, { - name: "change-ipv4-address", + name: "change-address", orig: &Host{ Host: &store.Host{ Address: "127.0.0.1", @@ -590,38 +560,6 @@ func TestRepository_UpdateHost(t *testing.T) { }, wantCount: 1, }, - { - name: "change-abbreviated-ipv6-address", - orig: &Host{ - Host: &store.Host{ - Address: "127.0.0.1", - }, - }, - chgFn: changeAddress("2001:4860:4860::8888"), - masks: []string{"Address"}, - want: &Host{ - Host: &store.Host{ - Address: "2001:4860:4860::8888", - }, - }, - wantCount: 1, - }, - { - name: "change-ipv6-address", - orig: &Host{ - Host: &store.Host{ - Address: "127.0.0.1", - }, - }, - chgFn: changeAddress("2001:4860:4860:0:0:0:0:8888"), - masks: []string{"Address"}, - want: &Host{ - Host: &store.Host{ - Address: "2001:4860:4860:0:0:0:0:8888", - }, - }, - wantCount: 1, - }, { name: "change-short-address", orig: &Host{ diff --git a/internal/proto/controller/auth/v1/auth.proto b/internal/proto/controller/auth/v1/auth.proto index 2cb2acd897..15030398b8 100644 --- a/internal/proto/controller/auth/v1/auth.proto +++ b/internal/proto/controller/auth/v1/auth.proto @@ -51,7 +51,4 @@ message RequestInfo { // the client ip for the request string client_ip = 140; - - // url actions from the request path - repeated string actions = 141; } diff --git a/internal/ratelimit/handler_test.go b/internal/ratelimit/handler_test.go index 952283c470..34d9c1b718 100644 --- a/internal/ratelimit/handler_test.go +++ b/internal/ratelimit/handler_test.go @@ -67,7 +67,7 @@ func TestHandler(t *testing.T) { require.NoError(t, err) return r }, - "[::1]", + "127.0.0.1", "authtoken", http.StatusOK, http.Header{ @@ -109,7 +109,7 @@ func TestHandler(t *testing.T) { require.NoError(t, err) return r }, - "[::1]", + "127.0.0.1", "authtoken", http.StatusOK, http.Header{ @@ -151,7 +151,7 @@ func TestHandler(t *testing.T) { require.NoError(t, err) return r }, - "[::1]", + "127.0.0.1", "authtoken", http.StatusOK, http.Header{ @@ -193,7 +193,7 @@ func TestHandler(t *testing.T) { require.NoError(t, err) return r }, - "[::1]", + "127.0.0.1", "authtoken", http.StatusOK, http.Header{ @@ -235,7 +235,7 @@ func TestHandler(t *testing.T) { require.NoError(t, err) return r }, - "[::1]", + "127.0.0.1", "authtoken", http.StatusOK, http.Header{ @@ -277,7 +277,7 @@ func TestHandler(t *testing.T) { require.NoError(t, err) return r }, - "[::1]", + "127.0.0.1", "authtoken", http.StatusOK, http.Header{ @@ -319,7 +319,7 @@ func TestHandler(t *testing.T) { require.NoError(t, err) return r }, - "[::1]", + "127.0.0.1", "authtoken", http.StatusOK, http.Header{ @@ -369,7 +369,7 @@ func TestHandler(t *testing.T) { require.NoError(t, err) return r }, - "[::1]", + "127.0.0.1", "authtoken", http.StatusTooManyRequests, http.Header{ @@ -436,7 +436,7 @@ func TestHandler(t *testing.T) { require.NoError(t, err) return r }, - "[::1]", + "127.0.0.1", "authtoken", http.StatusServiceUnavailable, http.Header{ @@ -477,7 +477,7 @@ func TestHandler(t *testing.T) { require.NoError(t, err) return r }, - "[::1]", + "127.0.0.1", "authtoken", http.StatusInternalServerError, http.Header{}, @@ -516,7 +516,7 @@ func TestHandler(t *testing.T) { require.NoError(t, err) return r }, - "[::1]", + "127.0.0.1", "authtoken", http.StatusNotFound, http.Header{}, @@ -555,7 +555,7 @@ func TestHandler(t *testing.T) { require.NoError(t, err) return r }, - "[::1]", + "127.0.0.1", "authtoken", http.StatusBadRequest, http.Header{}, @@ -594,7 +594,7 @@ func TestHandler(t *testing.T) { require.NoError(t, err) return r }, - "[::1]", + "127.0.0.1", "authtoken", http.StatusMethodNotAllowed, http.Header{}, @@ -633,7 +633,7 @@ func TestHandler(t *testing.T) { require.NoError(t, err) return r }, - "[::1]", + "127.0.0.1", "authtoken", http.StatusMethodNotAllowed, http.Header{}, @@ -672,7 +672,7 @@ func TestHandler(t *testing.T) { require.NoError(t, err) return r }, - "[::1]", + "127.0.0.1", "authtoken", http.StatusMethodNotAllowed, http.Header{}, @@ -756,7 +756,7 @@ func TestHandlerErrors(t *testing.T) { ctx, err = event.NewRequestInfoContext(ctx, &event.RequestInfo{ Id: id, EventId: common.GeneratedTraceId(ctx), - ClientIp: "[::1]", + ClientIp: "127.0.0.1", }) require.NoError(t, err) return ctx diff --git a/internal/server/options.go b/internal/server/options.go index 205e765124..f737d2f90e 100644 --- a/internal/server/options.go +++ b/internal/server/options.go @@ -129,7 +129,7 @@ func WithWorkerTags(tags ...*Tag) Option { } } if len(newTags) > 0 { - o.withWorkerTags = newTags + o.withWorkerTags = tags } } } diff --git a/internal/server/options_test.go b/internal/server/options_test.go index cb4e620d63..aae84a9c46 100644 --- a/internal/server/options_test.go +++ b/internal/server/options_test.go @@ -77,11 +77,10 @@ func Test_GetOpts(t *testing.T) { tags := []*Tag{ {Key: "key1", Value: "val1"}, {Key: "key2", Value: "val2"}, - nil, } opts := GetOpts(WithWorkerTags(tags...)) testOpts := getDefaultOptions() - testOpts.withWorkerTags = tags[:2] + testOpts.withWorkerTags = tags opts.withNewIdFunc = nil testOpts.withNewIdFunc = nil assert.Equal(t, opts, testOpts) diff --git a/internal/server/repository_controller_test.go b/internal/server/repository_controller_test.go index 140dac7913..a066df6f05 100644 --- a/internal/server/repository_controller_test.go +++ b/internal/server/repository_controller_test.go @@ -54,29 +54,13 @@ func TestRepository_UpsertController(t *testing.T) { wantErr: true, }, { - name: "valid-ipv4-controller", + name: "valid-controller", controller: &store.Controller{ - PrivateId: "test-ipv4-controller", + PrivateId: "test-controller", Address: "127.0.0.1", }, wantCount: 1, }, - { - name: "valid-ipv6-controller", - controller: &store.Controller{ - PrivateId: "test-ipv6-controller", - Address: "[2001:4860:4860:0:0:0:0:8888]", - }, - wantCount: 1, - }, - { - name: "valid-abbreviated-ipv6-controller", - controller: &store.Controller{ - PrivateId: "test-abbreviated-ipv6-controller", - Address: "[2001:4860:4860::8888]", - }, - wantCount: 1, - }, { name: "valid-controller-short-name", controller: &store.Controller{ diff --git a/internal/server/repository_worker_test.go b/internal/server/repository_worker_test.go index 1295535167..3ef5177524 100644 --- a/internal/server/repository_worker_test.go +++ b/internal/server/repository_worker_test.go @@ -499,72 +499,6 @@ func TestUpsertWorkerStatus(t *testing.T) { require.NoError(t, err) assert.Len(t, workers, 2) }) - - t.Run("ipv4 address", func(t *testing.T) { - status := server.NewWorker(scope.Global.String(), - server.WithName("worker-with-ipv4-address"), - server.WithAddress("8.8.8.8"), - server.WithReleaseVersion("Boundary v0.11.0")) - _, err = repo.UpsertWorkerStatus(ctx, status) - require.NoError(t, err) - - workers, err := repo.ListWorkers(ctx, []string{scope.Global.String()}) - require.NoError(t, err) - require.NotEmpty(t, workers) - var actualWorker *server.Worker - for _, w := range workers { - if w.Name == "worker-with-ipv4-address" { - actualWorker = w - break - } - } - require.NotNil(t, actualWorker) - assert.Equal(t, actualWorker.Address, "8.8.8.8") - }) - - t.Run("ipv6 address", func(t *testing.T) { - status := server.NewWorker(scope.Global.String(), - server.WithName("worker-with-ipv6-address"), - server.WithAddress("2001:4860:4860:0:0:0:0:8888"), - server.WithReleaseVersion("Boundary v0.11.0")) - _, err = repo.UpsertWorkerStatus(ctx, status) - require.NoError(t, err) - - workers, err := repo.ListWorkers(ctx, []string{scope.Global.String()}) - require.NoError(t, err) - require.NotEmpty(t, workers) - var actualWorker *server.Worker - for _, w := range workers { - if w.Name == "worker-with-ipv6-address" { - actualWorker = w - break - } - } - require.NotNil(t, actualWorker) - assert.Equal(t, actualWorker.Address, "2001:4860:4860:0:0:0:0:8888") - }) - - t.Run("ipv6 abbreviated address", func(t *testing.T) { - status := server.NewWorker(scope.Global.String(), - server.WithName("worker-with-abbreviated-ipv6-address"), - server.WithAddress("2001:4860:4860::8888"), - server.WithReleaseVersion("Boundary v0.11.0")) - _, err = repo.UpsertWorkerStatus(ctx, status) - require.NoError(t, err) - - workers, err := repo.ListWorkers(ctx, []string{scope.Global.String()}) - require.NoError(t, err) - require.NotEmpty(t, workers) - var actualWorker *server.Worker - for _, w := range workers { - if w.Name == "worker-with-abbreviated-ipv6-address" { - actualWorker = w - break - } - } - require.NotNil(t, actualWorker) - assert.Equal(t, actualWorker.Address, "2001:4860:4860::8888") - }) } func TestTagUpdatingListing(t *testing.T) { diff --git a/internal/session/session_connect_with_test.go b/internal/session/session_connect_with_test.go index f156905c8e..2e3b7dcfd9 100644 --- a/internal/session/session_connect_with_test.go +++ b/internal/session/session_connect_with_test.go @@ -29,7 +29,7 @@ func TestConnectWith_validate(t *testing.T) { wantErr bool }{ { - name: "valid-ipv4", + name: "valid", fields: fields{ SessionId: id, ClientTcpAddress: "0.0.0.1", @@ -39,17 +39,6 @@ func TestConnectWith_validate(t *testing.T) { UserClientIp: "127.0.0.1", }, }, - { - name: "valid-ipv6", - fields: fields{ - SessionId: id, - ClientTcpAddress: "[::1]", - ClientTcpPort: 22, - EndpointTcpAddress: "[::1]", - EndpointTcpPort: 2222, - UserClientIp: "[::2]", - }, - }, { name: "missing-SessionId", fields: fields{ diff --git a/internal/session/session_test.go b/internal/session/session_test.go index 3dcd958e07..fa8839f30c 100644 --- a/internal/session/session_test.go +++ b/internal/session/session_test.go @@ -33,7 +33,7 @@ func TestSession_Create(t *testing.T) { composedOf := testSessionCredentialParams(t, conn, wrapper, iamRepo) exp := ×tamp.Timestamp{Timestamp: timestamppb.New(time.Now().Add(time.Hour))} - defaultAddresses := []string{"1.2.3.4", "a.b.c.d", "[2001:4860:4860::8888]", "[2001:4860:4860:0:0:0:0:8888]"} + defaultAddresses := []string{"1.2.3.4", "a.b.c.d"} type args struct { composedOf ComposedOf addresses []string @@ -50,7 +50,7 @@ func TestSession_Create(t *testing.T) { wantCreateErr bool }{ { - name: "valid-hostset-host-ipv4", + name: "valid-hostset-host", args: args{ composedOf: composedOf, opt: []Option{WithExpirationTime(exp)}, @@ -72,33 +72,6 @@ func TestSession_Create(t *testing.T) { }, create: true, }, - { - name: "valid-hostset-host-ipv6", - args: args{ - composedOf: func() ComposedOf { - c := composedOf - c.Endpoint = "tcp://[::1]:22" - return c - }(), - opt: []Option{WithExpirationTime(exp)}, - addresses: defaultAddresses, - }, - want: &Session{ - UserId: composedOf.UserId, - HostId: composedOf.HostId, - TargetId: composedOf.TargetId, - HostSetId: composedOf.HostSetId, - AuthTokenId: composedOf.AuthTokenId, - ProjectId: composedOf.ProjectId, - Endpoint: "tcp://[::1]:22", - ExpirationTime: composedOf.ExpirationTime, - ConnectionLimit: composedOf.ConnectionLimit, - DynamicCredentials: composedOf.DynamicCredentials, - StaticCredentials: composedOf.StaticCredentials, - CorrelationId: composedOf.CorrelationId, - }, - create: true, - }, { name: "valid-target-address", args: args{ diff --git a/internal/target/tcp/repository_tcp_target_test.go b/internal/target/tcp/repository_tcp_target_test.go index 6341c86dbf..5f944351b1 100644 --- a/internal/target/tcp/repository_tcp_target_test.go +++ b/internal/target/tcp/repository_tcp_target_test.go @@ -71,12 +71,12 @@ func TestRepository_CreateTarget(t *testing.T) { wantErr: false, }, { - name: "with-ipv4-address", + name: "with-address", args: args{ target: func() target.Target { target, err := target.New(ctx, tcp.Subtype, proj.PublicId, - target.WithName("with-ipv4-address"), - target.WithDescription("with-ipv4-address"), + target.WithName("with-address"), + target.WithDescription("with-address"), target.WithDefaultPort(80), target.WithAddress("8.8.8.8")) require.NoError(t, err) @@ -85,36 +85,6 @@ func TestRepository_CreateTarget(t *testing.T) { }, wantErr: false, }, - { - name: "with-abbreviated-ipv6-address", - args: args{ - target: func() target.Target { - target, err := target.New(ctx, tcp.Subtype, proj.PublicId, - target.WithName("with-abbreviated-ipv6-address"), - target.WithDescription("with-abbreviated-ipv6-address"), - target.WithDefaultPort(80), - target.WithAddress("2001:4860:4860::8888")) - require.NoError(t, err) - return target - }(), - }, - wantErr: false, - }, - { - name: "with-ipv6-address", - args: args{ - target: func() target.Target { - target, err := target.New(ctx, tcp.Subtype, proj.PublicId, - target.WithName("with-ipv6-address"), - target.WithDescription("with-ipv6-address"), - target.WithDefaultPort(80), - target.WithAddress("2001:4860:4860:0:0:0:0:8888")) - require.NoError(t, err) - return target - }(), - }, - wantErr: false, - }, { name: "with-address-whitespace", args: args{ @@ -390,9 +360,9 @@ func TestRepository_UpdateTcpTarget(t *testing.T) { }, { - name: "valid-ipv4-address", + name: "valid-address", args: args{ - name: "valid-ipv4-address" + id, + name: "valid-address" + id, fieldMaskPaths: []string{"Name", "Address"}, ProjectId: proj.PublicId, address: "8.8.8.8", @@ -402,32 +372,6 @@ func TestRepository_UpdateTcpTarget(t *testing.T) { wantRowsUpdate: 1, wantHostSources: false, }, - { - name: "valid-abbreviated-ipv6-address", - args: args{ - name: "valid-abbreviated-ipv6-address" + id, - fieldMaskPaths: []string{"Name", "Address"}, - ProjectId: proj.PublicId, - address: "2001:4860:4860::8888", - }, - newProjectId: proj.PublicId, - wantErr: false, - wantRowsUpdate: 1, - wantHostSources: false, - }, - { - name: "valid-ipv6-address", - args: args{ - name: "valid-ipv6-address" + id, - fieldMaskPaths: []string{"Name", "Address"}, - ProjectId: proj.PublicId, - address: "2001:4860:4860:0:0:0:0:8888", - }, - newProjectId: proj.PublicId, - wantErr: false, - wantRowsUpdate: 1, - wantHostSources: false, - }, { name: "null-address", args: args{ diff --git a/internal/tests/api/targets/target_test.go b/internal/tests/api/targets/target_test.go index 72a6bb1ea9..edbb2ff499 100644 --- a/internal/tests/api/targets/target_test.go +++ b/internal/tests/api/targets/target_test.go @@ -380,10 +380,10 @@ func TestTarget_AddressMutualExclusiveRelationship(t *testing.T) { // Create target with a network address association targetResp, err := tClient.Create(tc.Context(), "tcp", proj.GetPublicId(), - targets.WithName("test-address"), targets.WithAddress("[::1]"), targets.WithTcpTargetDefaultPort(22)) + targets.WithName("test-address"), targets.WithAddress("localhost"), targets.WithTcpTargetDefaultPort(22)) require.NoError(t, err) require.NotNil(t, targetResp) - require.Equal(t, "[::1]", targetResp.GetItem().Address) + require.Equal(t, "localhost", targetResp.GetItem().Address) // Setup host catalog, host set, & host resources hc, err := hostcatalogs.NewClient(client).Create(tc.Context(), "static", proj.GetPublicId()) @@ -392,7 +392,7 @@ func TestTarget_AddressMutualExclusiveRelationship(t *testing.T) { hs, err := hostsets.NewClient(client).Create(tc.Context(), hc.Item.Id) require.NoError(t, err) require.NotNil(t, hs) - h, err := hosts.NewClient(client).Create(tc.Context(), hc.Item.Id, hosts.WithStaticHostAddress("[::1]")) + h, err := hosts.NewClient(client).Create(tc.Context(), hc.Item.Id, hosts.WithStaticHostAddress("localhost")) require.NoError(t, err) require.NotNil(t, h) hUpdate, err := hostsets.NewClient(client).AddHosts(tc.Context(), hs.Item.Id, hs.Item.Version, []string{h.GetItem().Id}) @@ -438,7 +438,7 @@ func TestTarget_HostSourceMutualExclusiveRelationship(t *testing.T) { hs, err := hostsets.NewClient(client).Create(tc.Context(), hc.Item.Id) require.NoError(t, err) require.NotNil(t, hs) - h, err := hosts.NewClient(client).Create(tc.Context(), hc.Item.Id, hosts.WithStaticHostAddress("[::1]")) + h, err := hosts.NewClient(client).Create(tc.Context(), hc.Item.Id, hosts.WithStaticHostAddress("localhost")) require.NoError(t, err) require.NotNil(t, h) hUpdate, err := hostsets.NewClient(client).AddHosts(tc.Context(), hs.Item.Id, hs.Item.Version, []string{h.GetItem().Id}) @@ -461,7 +461,7 @@ func TestTarget_HostSourceMutualExclusiveRelationship(t *testing.T) { require.Empty(t, updateResp.GetItem().Address) require.Equal(t, []string{hs.Item.Id}, updateResp.GetItem().HostSourceIds) version = updateResp.GetItem().Version - updateResp, err = tClient.Update(tc.Context(), targetId, version, targets.WithAddress("[::1]")) + updateResp, err = tClient.Update(tc.Context(), targetId, version, targets.WithAddress("localhost")) require.Error(t, err) require.Nil(t, updateResp) apiErr := api.AsServerError(err) @@ -474,10 +474,10 @@ func TestTarget_HostSourceMutualExclusiveRelationship(t *testing.T) { require.NotNil(t, updateResp) require.Empty(t, updateResp.GetItem().HostSourceIds) version = updateResp.GetItem().Version - updateResp, err = tClient.Update(tc.Context(), targetId, version, targets.WithAddress("[::1]")) + updateResp, err = tClient.Update(tc.Context(), targetId, version, targets.WithAddress("localhost")) require.NoError(t, err) require.NotNil(t, updateResp) - require.Equal(t, "[::1]", updateResp.GetItem().Address) + require.Equal(t, "localhost", updateResp.GetItem().Address) require.Empty(t, updateResp.GetItem().HostSourceIds) } @@ -498,14 +498,6 @@ func TestCreateTarget_DirectlyAttachedAddress(t *testing.T) { name: "target-ipv4-address", address: "127.0.0.1", }, - { - name: "target-ipv6-address", - address: "[2001:4860:4860:0:0:0:0:8888]", - }, - { - name: "target-abbreviated-ipv6-address", - address: "[2001:4860:4860::8888]", - }, { name: "target-dns-address", address: "null", diff --git a/internal/tests/cluster/session_cleanup_test.go b/internal/tests/cluster/session_cleanup_test.go index 71e3d39707..6e6a2a7843 100644 --- a/internal/tests/cluster/session_cleanup_test.go +++ b/internal/tests/cluster/session_cleanup_test.go @@ -86,7 +86,7 @@ func testWorkerSessionCleanupSingle(burdenCase timeoutBurdenType) func(t *testin conf, err := config.DevController() require.NoError(err) - pl, err := net.Listen("tcp", "[::1]:0") + pl, err := net.Listen("tcp", "localhost:0") require.NoError(err) c1 := controller.NewTestController(t, &controller.TestControllerOpts{ Config: conf, @@ -217,7 +217,7 @@ func testWorkerSessionCleanupMulti(burdenCase timeoutBurdenType) func(t *testing conf1, err := config.DevController() require.NoError(err) - pl1, err := net.Listen("tcp", "[::1]:0") + pl1, err := net.Listen("tcp", "localhost:0") require.NoError(err) c1 := controller.NewTestController(t, &controller.TestControllerOpts{ Config: conf1, @@ -230,7 +230,7 @@ func testWorkerSessionCleanupMulti(burdenCase timeoutBurdenType) func(t *testing // ****************** // ** Controller 2 ** // ****************** - pl2, err := net.Listen("tcp", "[::1]:0") + pl2, err := net.Listen("tcp", "localhost:0") require.NoError(err) c2 := c1.AddClusterControllerMember(t, &controller.TestControllerOpts{ Logger: logger.Named("c2"), diff --git a/internal/tests/cluster/x509_verification_test.go b/internal/tests/cluster/x509_verification_test.go index d06e7759aa..d1fff14464 100644 --- a/internal/tests/cluster/x509_verification_test.go +++ b/internal/tests/cluster/x509_verification_test.go @@ -10,7 +10,6 @@ import ( "crypto/x509" "errors" "fmt" - "io" "net" "net/http" "sync" @@ -186,22 +185,13 @@ func TestCustomX509Verification_Client(t *testing.T) { } func TestCustomX509Verification_Server(t *testing.T) { - t.Skip("These tests are currently not working and will need further investigation") - ec := event.TestEventerConfig(t, "TestCustomX509Verification_Server", event.TestWithObservationSink(t), event.TestWithSysSink(t)) testLock := &sync.Mutex{} logger := hclog.New(&hclog.LoggerOptions{ Mutex: testLock, Name: "test", - Level: hclog.Trace, }) require.NoError(t, event.InitSysEventer(logger, testLock, "use-TestCustomX509Verification_Server", event.WithEventerConfig(&ec.EventerConfig))) - t.Cleanup(func() { event.TestResetSystEventer(t) }) - t.Cleanup(func() { - all, err := io.ReadAll(ec.AllEvents) - require.NoError(t, err) - t.Log(string(all)) - }) t.Run("bad cert pool", testCustomX509Verification_Server(ec, x509.NewCertPool(), "", "bad certificate")) t.Run("bad dns name", testCustomX509Verification_Server(ec, nil, "foobar", "bad certificate")) diff --git a/plugins/boundary/mains/aws/go.mod b/plugins/boundary/mains/aws/go.mod index b70acf706f..61c169a85e 100644 --- a/plugins/boundary/mains/aws/go.mod +++ b/plugins/boundary/mains/aws/go.mod @@ -1,6 +1,8 @@ module github.com/hashicorp/boundary/plugins/boundary/mains/aws -go 1.23.0 +go 1.21 + +toolchain go1.21.5 require ( github.com/hashicorp/boundary-plugin-aws v0.3.2-0.20240724155006-9af01109459c diff --git a/plugins/boundary/mains/azure/go.mod b/plugins/boundary/mains/azure/go.mod index 8c62c54681..e1d31f48be 100644 --- a/plugins/boundary/mains/azure/go.mod +++ b/plugins/boundary/mains/azure/go.mod @@ -1,6 +1,6 @@ module github.com/hashicorp/boundary/plugins/boundary/mains/azure -go 1.23.0 +go 1.20 require ( github.com/hashicorp/boundary-plugin-azure v0.1.3 diff --git a/plugins/boundary/mains/azure/go.sum b/plugins/boundary/mains/azure/go.sum index d8dd90bff3..a03ebd549a 100644 --- a/plugins/boundary/mains/azure/go.sum +++ b/plugins/boundary/mains/azure/go.sum @@ -60,17 +60,11 @@ github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBp github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= -github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= github.com/Masterminds/semver/v3 v3.2.0 h1:3MEsd0SM6jqZojhjLWWeBY+Kcjy9i6MQAeY7YgDP83g= -github.com/Masterminds/semver/v3 v3.2.0/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj9n6YA= -github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBaRMhvYXJNkGuM= github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= -github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY= -github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA= -github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= @@ -138,7 +132,6 @@ github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= @@ -150,7 +143,6 @@ github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= -github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/hashicorp/boundary-plugin-azure v0.1.3 h1:tD861pyIOMts6YCIir/luV3qjukxAfw1wSgu5gFgxMg= @@ -171,7 +163,6 @@ github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrj github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg= github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw= github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= @@ -184,22 +175,15 @@ github.com/hashicorp/go-secure-stdlib/base62 v0.1.1/go.mod h1:EdWO6czbmthiwZ3/PU github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng= github.com/hashicorp/go-secure-stdlib/base62 v0.1.2/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw= github.com/hashicorp/go-secure-stdlib/configutil/v2 v2.0.11 h1:uPW2Wn0YlmI9RGSkZpcIplnVRwJ7BCiGpk1vnF2TMw4= -github.com/hashicorp/go-secure-stdlib/configutil/v2 v2.0.11/go.mod h1:uis9dCmOzXuOaRyXq+1Foh31kcvXKoWogjNnhfjHfW8= github.com/hashicorp/go-secure-stdlib/listenerutil v0.1.9 h1:0S0ctJ7Ra8O7ap+/3fZUnzJ3VzJyirWS/WnNCuOYtZY= -github.com/hashicorp/go-secure-stdlib/listenerutil v0.1.9/go.mod h1:TNNdgtjLgVDbrgFcyCKrlAicIl3dZF94swJltyGUX2M= github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 h1:iBt4Ew4XEGLfh6/bPk4rSYmuZJGizr6/x/AEizP0CQc= -github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8/go.mod h1:aiJI+PIApBRQG7FZTEBx5GiiX+HbOHilUdNxUZi4eV0= github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6 h1:ZYv2XA+tEfFXIToR2jmBgVqQU9gERt0APbWqmUoNGnY= github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6/go.mod h1:ggFN8dlaLWS2R1gymBbCrvXM/bkZP7hEAa4seqDwhyg= github.com/hashicorp/go-secure-stdlib/reloadutil v0.1.1 h1:SMGUnbpAcat8rIKHkBPjfv81yC46a8eCNZ2hsR2l1EI= -github.com/hashicorp/go-secure-stdlib/reloadutil v0.1.1/go.mod h1:Ch/bf00Qnx77MZd49JRgHYqHQjtEmTgGU2faufpVZb0= github.com/hashicorp/go-secure-stdlib/strutil v0.1.1/go.mod h1:gKOamz3EwoIoJq7mlMIRBpVTAUn8qPCrEclOKKWhD3U= github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts= -github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4= github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.3 h1:xbrxd0U9XQW8qL1BAz2XrAjAF/P2vcqUTAues9c24B8= -github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.3/go.mod h1:LWq2Sy8UoKKuK4lFuCNWSjJj57MhNNf2zzBWMtkAIX4= github.com/hashicorp/go-sockaddr v1.0.5 h1:dvk7TIXCZpmfOlM+9mlcrWmWjw/wlKT+VDq2wMvfPJU= -github.com/hashicorp/go-sockaddr v1.0.5/go.mod h1:uoUUmtwU7n9Dv3O4SNLeFvg0SxQ3lyjsj6+CCykpaxI= github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= @@ -208,25 +192,19 @@ github.com/hashicorp/go-version v1.3.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09 github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= -github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE= github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU= -github.com/huandu/xstrings v1.4.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= -github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f h1:E87tDTVS5W65euzixn7clSzK66puSt1H4I5SC0EmHH4= -github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f/go.mod h1:3J2qVK16Lq8V+wfiL2lPeDZ7UWMxk5LemerHa1p6N00= github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c= -github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= -github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= @@ -243,7 +221,6 @@ github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/ github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mitchellh/cli v1.1.5 h1:OxRIeJXpAMztws/XHlN2vu6imG5Dpq+j61AzAX5fLng= -github.com/mitchellh/cli v1.1.5/go.mod h1:v8+iFts2sPIKUV1ltktPXMCC8fumSKFItNcD2cLtRR4= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= @@ -263,7 +240,6 @@ github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsK github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.2.3 h1:NP0eAhjcjImqslEwo/1hq7gpajME0fTLTezBKDqfXqo= -github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.6.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= @@ -272,9 +248,7 @@ github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4 github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8= -github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= -github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= @@ -327,7 +301,6 @@ golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRu golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 h1:VLliZ0d+/avPrXXH+OakdXhpJuEoBZuwh1m2j7U6Iug= -golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= @@ -476,7 +449,6 @@ golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20210101214203-2dba1e4ea05c/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/plugins/boundary/mains/minio/go.mod b/plugins/boundary/mains/minio/go.mod index d44458fbdc..691964a097 100644 --- a/plugins/boundary/mains/minio/go.mod +++ b/plugins/boundary/mains/minio/go.mod @@ -1,6 +1,6 @@ module github.com/hashicorp/boundary/plugins/boundary/mains/minio -go 1.23.0 +go 1.22.2 require ( github.com/hashicorp/boundary-plugin-minio v0.1.4 diff --git a/plugins/kms/mains/alicloudkms/go.mod b/plugins/kms/mains/alicloudkms/go.mod index 0c43eda07d..68cccb5217 100644 --- a/plugins/kms/mains/alicloudkms/go.mod +++ b/plugins/kms/mains/alicloudkms/go.mod @@ -1,6 +1,6 @@ module github.com/hashicorp/boundary/plugins/kms/mains/alicloudkms -go 1.23.0 +go 1.20 require ( github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 diff --git a/plugins/kms/mains/alicloudkms/go.sum b/plugins/kms/mains/alicloudkms/go.sum index 15082fab99..09ac2a869f 100644 --- a/plugins/kms/mains/alicloudkms/go.sum +++ b/plugins/kms/mains/alicloudkms/go.sum @@ -1,7 +1,6 @@ github.com/aliyun/alibaba-cloud-sdk-go v1.62.214 h1:4Z3mUiUTC2QezSy1N+Pz8CGb1pjxlIHO6OJfjkmktHw= github.com/aliyun/alibaba-cloud-sdk-go v1.62.214/go.mod h1:Api2AkmMgGaSUAhmk76oaFObkoeCPc/bKAqcyplPODs= github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA= -github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -14,7 +13,6 @@ github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= @@ -34,7 +32,6 @@ github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/b github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE= github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c= -github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo= github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= @@ -45,11 +42,9 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= -github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= @@ -114,7 +109,6 @@ google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/ini.v1 v1.66.2/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= diff --git a/plugins/kms/mains/awskms/go.mod b/plugins/kms/mains/awskms/go.mod index a3a7596f90..91d17ecda3 100644 --- a/plugins/kms/mains/awskms/go.mod +++ b/plugins/kms/mains/awskms/go.mod @@ -1,6 +1,6 @@ module github.com/hashicorp/boundary/plugins/kms/mains/awskms -go 1.23.0 +go 1.20 require ( github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 diff --git a/plugins/kms/mains/awskms/go.sum b/plugins/kms/mains/awskms/go.sum index fa631a2b88..e2cea0a3bd 100644 --- a/plugins/kms/mains/awskms/go.sum +++ b/plugins/kms/mains/awskms/go.sum @@ -2,7 +2,6 @@ github.com/aws/aws-sdk-go v1.30.27/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZve github.com/aws/aws-sdk-go v1.44.214 h1:YzDuC+9UtrAOUkItlK7l3BvKI9o6qAog9X8i289HORc= github.com/aws/aws-sdk-go v1.44.214/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA= -github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= @@ -17,7 +16,6 @@ github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= @@ -46,7 +44,6 @@ github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/b github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE= github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c= -github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo= github.com/jmespath/go-jmespath v0.3.0/go.mod h1:9QtRXoHjLGCJ5IBSaohpXITPlowMeeYCZ7fLUTSywik= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= @@ -145,7 +142,6 @@ google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= diff --git a/plugins/kms/mains/azurekeyvault/go.mod b/plugins/kms/mains/azurekeyvault/go.mod index a68bbd1ef6..7235bd09fd 100644 --- a/plugins/kms/mains/azurekeyvault/go.mod +++ b/plugins/kms/mains/azurekeyvault/go.mod @@ -1,6 +1,6 @@ module github.com/hashicorp/boundary/plugins/kms/mains/azurekeyvault -go 1.23.0 +go 1.20 require ( github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 diff --git a/plugins/kms/mains/azurekeyvault/go.sum b/plugins/kms/mains/azurekeyvault/go.sum index 9dae6a3662..500f0b6d59 100644 --- a/plugins/kms/mains/azurekeyvault/go.sum +++ b/plugins/kms/mains/azurekeyvault/go.sum @@ -29,12 +29,10 @@ github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBp github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1 h1:WpB/QDNLpMw72xHJc34BNNykqSOeEJDAWkhf0u12/Jk= github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA= -github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI= -github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= @@ -48,7 +46,6 @@ github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= @@ -69,14 +66,11 @@ github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/b github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE= github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c= -github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= -github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= @@ -168,10 +162,8 @@ google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= -gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/plugins/kms/mains/gcpckms/go.mod b/plugins/kms/mains/gcpckms/go.mod index c4c2acdede..f4b8f9d829 100644 --- a/plugins/kms/mains/gcpckms/go.mod +++ b/plugins/kms/mains/gcpckms/go.mod @@ -1,6 +1,6 @@ module github.com/hashicorp/boundary/plugins/kms/mains/gcpckms -go 1.23.0 +go 1.20 require ( github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 diff --git a/plugins/kms/mains/gcpckms/go.sum b/plugins/kms/mains/gcpckms/go.sum index 9c0afe2c3c..dceb64791a 100644 --- a/plugins/kms/mains/gcpckms/go.sum +++ b/plugins/kms/mains/gcpckms/go.sum @@ -1,6 +1,5 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.110.8 h1:tyNdfIxjzaWctIiLYOTalaLKZ17SI44SKFW26QbOhME= -cloud.google.com/go v0.110.8/go.mod h1:Iz8AkXJf1qmxC3Oxoep8R1T36w8B92yU29PcBhHO5fk= cloud.google.com/go/compute v1.23.1 h1:V97tBoDaZHb6leicZ1G6DLK2BAaZLJ/7+9BB/En3hR0= cloud.google.com/go/compute v1.23.1/go.mod h1:CqB3xpmPKKt3OJpW2ndFIXnA9A4xAy/F3Xp1ixncW78= cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= @@ -11,7 +10,6 @@ cloud.google.com/go/kms v1.15.5 h1:pj1sRfut2eRbD9pFRjNnPNg/CzJPuQAzUujMIM1vVeM= cloud.google.com/go/kms v1.15.5/go.mod h1:cU2H5jnp6G2TDpUGZyqTCoy1n16fbubHZjmVXSMtwDI= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA= -github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= @@ -51,7 +49,6 @@ github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= -github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/s2a-go v0.1.7 h1:60BLSyTrOV4/haCDW4zb1guZItoSq8foHCXrAnjBo/o= github.com/google/s2a-go v0.1.7/go.mod h1:50CgR4k1jNlWBu4UfS4AcfhVe1r6pdZPygJ3R8F0Qdw= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= @@ -77,14 +74,11 @@ github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/b github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE= github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c= -github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= -github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= @@ -201,7 +195,6 @@ google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= diff --git a/plugins/kms/mains/ocikms/go.mod b/plugins/kms/mains/ocikms/go.mod index 07fd1460eb..6e286038d6 100644 --- a/plugins/kms/mains/ocikms/go.mod +++ b/plugins/kms/mains/ocikms/go.mod @@ -1,6 +1,6 @@ module github.com/hashicorp/boundary/plugins/kms/mains/ocikms -go 1.23.0 +go 1.20 require ( github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 diff --git a/plugins/kms/mains/ocikms/go.sum b/plugins/kms/mains/ocikms/go.sum index ef5345e7f5..33f223cd59 100644 --- a/plugins/kms/mains/ocikms/go.sum +++ b/plugins/kms/mains/ocikms/go.sum @@ -1,5 +1,4 @@ github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA= -github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -11,7 +10,6 @@ github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM= @@ -30,14 +28,11 @@ github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/b github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE= github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c= -github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= -github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= @@ -63,7 +58,6 @@ github.com/sony/gobreaker v0.5.0 h1:dRCvqm0P490vZPmy7ppEk2qCnCieBooFJ+YoXGYB+yg= github.com/sony/gobreaker v0.5.0/go.mod h1:ZKptC7FHNvhBz7dN2LGjPVBz2sZJmc0/PkyDJOjmxWY= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= @@ -93,7 +87,6 @@ google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= diff --git a/plugins/kms/mains/transit/go.mod b/plugins/kms/mains/transit/go.mod index 0c29b17135..96758beeae 100644 --- a/plugins/kms/mains/transit/go.mod +++ b/plugins/kms/mains/transit/go.mod @@ -1,6 +1,6 @@ module github.com/hashicorp/boundary/plugins/kms/mains/transit -go 1.23.0 +go 1.20 require ( github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 diff --git a/plugins/kms/mains/transit/go.sum b/plugins/kms/mains/transit/go.sum index 7be96a2a09..23d482b6cf 100644 --- a/plugins/kms/mains/transit/go.sum +++ b/plugins/kms/mains/transit/go.sum @@ -1,7 +1,6 @@ github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA= -github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8= github.com/cenkalti/backoff/v3 v3.2.2 h1:cfUAAO3yvKMYKPrvhDuHSwQnhZNk/RMHKdZqKTxfm6M= github.com/cenkalti/backoff/v3 v3.2.2/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -14,7 +13,6 @@ github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBD github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k= github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ= github.com/go-test/deep v1.0.2 h1:onZX1rnHT3Wv6cqNgYyFOOlgVKJrksuCMCRvJStbMYw= -github.com/go-test/deep v1.0.2/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= @@ -64,11 +62,8 @@ github.com/hashicorp/vault/api v1.10.0/go.mod h1:jo5Y/ET+hNyz+JnKDt8XLAdKs+AM0G5 github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE= github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c= -github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo= github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= -github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= @@ -95,7 +90,6 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= -github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= @@ -170,7 +164,6 @@ google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/scan.hcl b/scan.hcl index bc6be24ef5..245f9a3735 100644 --- a/scan.hcl +++ b/scan.hcl @@ -15,7 +15,7 @@ repository { plugin "semgrep" { use_git_ignore = true exclude = ["*_test.go", "website/*", "testing/*"] - config = ["p/gosec", ".semgrep/"] + config = ["p/gosec"] } plugin "codeql" { diff --git a/sdk/go.mod b/sdk/go.mod index e972dd45f7..df6250f830 100644 --- a/sdk/go.mod +++ b/sdk/go.mod @@ -1,6 +1,8 @@ module github.com/hashicorp/boundary/sdk -go 1.23.1 +go 1.21 + +toolchain go1.21.5 require ( github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 diff --git a/sdk/testutil/free_port_test.go b/sdk/testutil/free_port_test.go index 82ea29065d..ffd7e8a799 100644 --- a/sdk/testutil/free_port_test.go +++ b/sdk/testutil/free_port_test.go @@ -19,7 +19,7 @@ func Test_TestFreePort(t *testing.T) { p := TestFreePort(t) assert.NotEmpty(p) - addr, err := net.ResolveTCPAddr("tcp", fmt.Sprintf("[::1]:%d", p)) + addr, err := net.ResolveTCPAddr("tcp", fmt.Sprintf("localhost:%d", p)) require.NoError(err) l, err := net.ListenTCP("tcp", addr) require.NoError(err) diff --git a/testing/internal/e2e/tests/base/target_tcp_connect_authz_token_test.go b/testing/internal/e2e/tests/base/target_tcp_connect_authz_token_test.go index af08e99c0f..22c05195c5 100644 --- a/testing/internal/e2e/tests/base/target_tcp_connect_authz_token_test.go +++ b/testing/internal/e2e/tests/base/target_tcp_connect_authz_token_test.go @@ -12,7 +12,6 @@ import ( "testing" "github.com/hashicorp/boundary/api/targets" - "github.com/hashicorp/boundary/internal/target" "github.com/hashicorp/boundary/testing/internal/e2e" "github.com/hashicorp/boundary/testing/internal/e2e/boundary" "github.com/stretchr/testify/assert" @@ -36,8 +35,7 @@ func TestCliTcpTargetConnectTargetWithAuthzToken(t *testing.T) { output := e2e.RunCommand(ctx, "boundary", e2e.WithArgs("scopes", "delete", "-id", orgId)) require.NoError(t, output.Err, string(output.Stderr)) }) - testProjectName := `E2E/Project-With\Name` - projectId, err := boundary.CreateProjectCli(t, ctx, orgId, boundary.WithName(testProjectName)) + projectId, err := boundary.CreateProjectCli(t, ctx, orgId) require.NoError(t, err) hostCatalogId, err := boundary.CreateHostCatalogCli(t, ctx, projectId) require.NoError(t, err) @@ -47,8 +45,7 @@ func TestCliTcpTargetConnectTargetWithAuthzToken(t *testing.T) { require.NoError(t, err) err = boundary.AddHostToHostSetCli(t, ctx, hostSetId, hostId) require.NoError(t, err) - testTargetName := `E2E/Test-Target-With\Name` - targetId, err := boundary.CreateTargetCli(t, ctx, projectId, c.TargetPort, target.WithName(testTargetName)) + targetId, err := boundary.CreateTargetCli(t, ctx, projectId, c.TargetPort) require.NoError(t, err) err = boundary.AddHostSourceToTargetCli(t, ctx, targetId, hostSetId) require.NoError(t, err) @@ -115,26 +112,4 @@ func TestCliTcpTargetConnectTargetWithAuthzToken(t *testing.T) { hostIp := parts[len(parts)-1] require.Equal(t, c.TargetAddress, hostIp, "SSH session did not return expected output") t.Log("Successfully connected to target") - - // Authorize session with target name and scope id - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "targets", "authorize-session", - "-name", testTargetName, - "-scope-id", projectId, - "-format", "json", - ), - ) - require.NoError(t, output.Err, string(output.Stderr)) - - // Authorize session with target name and scope name - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "targets", "authorize-session", - "-name", testTargetName, - "-scope-name", testProjectName, - "-format", "json", - ), - ) - require.NoError(t, output.Err, string(output.Stderr)) } diff --git a/version/VERSION b/version/VERSION index c5523bd09b..50c2e5e29f 100644 --- a/version/VERSION +++ b/version/VERSION @@ -1 +1 @@ -0.17.0 +0.17.2 \ No newline at end of file