try using scaffolding main branch #258
verify-codegen.yaml
on: pull_request
Verify codegen
3m 54s
Annotations
8 errors and 1 warning
Verify codegen:
third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/lifetime_watcher.go#L1
Please run ./hack/update-codegen.sh.
diff --git a/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/lifetime_watcher.go b/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/lifetime_watcher.go
index 5c060e5a..4bc1390b 100644
--- a/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/lifetime_watcher.go
+++ b/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/lifetime_watcher.go
@@ -6,6 +6,7 @@ package api
import (
"errors"
"math/rand"
+ "strings"
"sync"
"time"
@@ -31,6 +32,7 @@ var (
DefaultRenewerRenewBuffer = 5
)
+//go:generate enumer -type=RenewBehavior -trimprefix=RenewBehavior
type RenewBehavior uint
const (
@@ -288,12 +290,18 @@ func (r *LifetimeWatcher) doRenewWithOptions(tokenMode bool, nonRenewable bool,
switch {
case nonRenewable || r.renewBehavior == RenewBehaviorRenewDisabled:
// Can't or won't renew, just keep the same expiration so we exit
- // when it's reauthentication time
+ // when it's re-authentication time
remainingLeaseDuration = fallbackLeaseDuration
default:
// Renew the token
renewal, err = renew(credString, r.increment)
+ if err != nil && strings.Contains(err.Error(), "permission denied") {
+ // We can't renew since the token doesn't have permission to. Fall back
+ // to the code path for non-renewable tokens.
+ nonRenewable = true
+ continue
+ }
if err != nil || renewal == nil || (tokenMode && renewal.Auth == nil) {
if r.renewBehavior == RenewBehaviorErrorOnErrors {
if err != nil {
@@ -349,8 +357,11 @@ func (r *LifetimeWatcher) doRenewWithOptions(tokenMode bool, nonRenewable bool,
if errorBackoff == nil {
sleepDuration = r.calculateSleepDuration(remainingLeaseDuration, priorDuration)
- } else if errorBackoff.NextBackOff() == backoff.Stop {
- return err
+ } else {
+ sleepDuration = errorBackoff.NextBackOff()
+ if sleepDuration == backoff.Stop {
+ return err
+ }
}
// remainingLeaseDuration becomes the priorDuration for the next loop
|
Verify codegen:
third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/plugin_helpers.go#L1
Please run ./hack/update-codegen.sh.
diff --git a/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/plugin_helpers.go b/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/plugin_helpers.go
index 5d259366..d330478f 100644
--- a/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/plugin_helpers.go
+++ b/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/plugin_helpers.go
@@ -13,7 +13,8 @@ import (
"net/url"
"os"
- "github.com/go-jose/go-jose/v3/jwt"
+ jose "github.com/go-jose/go-jose/v4"
+ "github.com/go-jose/go-jose/v4/jwt"
"github.com/hashicorp/errwrap"
)
@@ -40,6 +41,11 @@ const (
// PluginUnwrapTokenEnv is the ENV name used to pass unwrap tokens to the
// plugin.
PluginUnwrapTokenEnv = "VAULT_UNWRAP_TOKEN"
+
+ // CubbyHoleJWTSignatureAlgorithm is the signature algorithm used for
+ // the unwrap token that Vault passes to a plugin when auto-mTLS is
+ // not enabled.
+ CubbyHoleJWTSignatureAlgorithm = jose.ES512
)
// PluginAPIClientMeta is a helper that plugins can use to configure TLS connections
@@ -102,7 +108,7 @@ func VaultPluginTLSProviderContext(ctx context.Context, apiTLSConfig *TLSConfig)
return func() (*tls.Config, error) {
unwrapToken := os.Getenv(PluginUnwrapTokenEnv)
- parsedJWT, err := jwt.ParseSigned(unwrapToken)
+ parsedJWT, err := jwt.ParseSigned(unwrapToken, []jose.SignatureAlgorithm{CubbyHoleJWTSignatureAlgorithm})
if err != nil {
return nil, errwrap.Wrapf("error parsing wrapping token: {{err}}", err)
}
|
Verify codegen:
third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/plugin_runtime_types.go#L1
Please run ./hack/update-codegen.sh.
diff --git a/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/plugin_runtime_types.go b/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/plugin_runtime_types.go
index d3acd0d0..2514f127 100644
--- a/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/plugin_runtime_types.go
+++ b/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/plugin_runtime_types.go
@@ -9,11 +9,9 @@ package api
import "fmt"
-var PluginRuntimeTypes = []PluginRuntimeType{
- PluginRuntimeTypeUnsupported,
- PluginRuntimeTypeContainer,
-}
+var PluginRuntimeTypes = _PluginRuntimeTypeValues
+//go:generate enumer -type=PluginRuntimeType -trimprefix=PluginRuntimeType -transform=snake
type PluginRuntimeType uint32
// This is a list of PluginRuntimeTypes used by Vault.
@@ -22,20 +20,11 @@ const (
PluginRuntimeTypeContainer
)
-func (r PluginRuntimeType) String() string {
- switch r {
- case PluginRuntimeTypeContainer:
- return "container"
- default:
- return "unsupported"
- }
-}
-
+// ParsePluginRuntimeType is a wrapper around PluginRuntimeTypeString kept for backwards compatibility.
func ParsePluginRuntimeType(PluginRuntimeType string) (PluginRuntimeType, error) {
- switch PluginRuntimeType {
- case "container":
- return PluginRuntimeTypeContainer, nil
- default:
+ t, err := PluginRuntimeTypeString(PluginRuntimeType)
+ if err != nil {
return PluginRuntimeTypeUnsupported, fmt.Errorf("%q is not a supported plugin runtime type", PluginRuntimeType)
}
+ return t, nil
}
|
Verify codegen:
third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/replication_status.go#L1
Please run ./hack/update-codegen.sh.
diff --git a/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/replication_status.go b/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/replication_status.go
index 9bc02d53..d7224ff1 100644
--- a/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/replication_status.go
+++ b/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/replication_status.go
@@ -19,13 +19,14 @@ const (
)
type ClusterInfo struct {
- APIAddr string `json:"api_address,omitempty" mapstructure:"api_address"`
- ClusterAddress string `json:"cluster_address,omitempty" mapstructure:"cluster_address"`
- ConnectionStatus string `json:"connection_status,omitempty" mapstructure:"connection_status"`
- LastHeartBeat string `json:"last_heartbeat,omitempty" mapstructure:"last_heartbeat"`
- LastHeartBeatDurationMillis string `json:"last_heartbeat_duration_ms,omitempty" mapstructure:"last_heartbeat_duration_ms"`
- ClockSkewMillis string `json:"clock_skew_ms,omitempty" mapstructure:"clock_skew_ms"`
- NodeID string `json:"node_id,omitempty" mapstructure:"node_id"`
+ APIAddr string `json:"api_address,omitempty" mapstructure:"api_address"`
+ ClusterAddress string `json:"cluster_address,omitempty" mapstructure:"cluster_address"`
+ ConnectionStatus string `json:"connection_status,omitempty" mapstructure:"connection_status"`
+ LastHeartBeat string `json:"last_heartbeat,omitempty" mapstructure:"last_heartbeat"`
+ LastHeartBeatDurationMillis string `json:"last_heartbeat_duration_ms,omitempty" mapstructure:"last_heartbeat_duration_ms"`
+ ClockSkewMillis string `json:"clock_skew_ms,omitempty" mapstructure:"clock_skew_ms"`
+ NodeID string `json:"node_id,omitempty" mapstructure:"node_id"`
+ ReplicationPrimaryCanaryAgeMillis string `json:"replication_primary_canary_age_ms,omitempty" mapstructure:"replication_primary_canary_age_ms"`
}
type ReplicationStatusGenericResponse struct {
|
Verify codegen:
third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/sys_hastatus.go#L1
Please run ./hack/update-codegen.sh.
diff --git a/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/sys_hastatus.go b/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/sys_hastatus.go
index 58a73b89..2e54651e 100644
--- a/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/sys_hastatus.go
+++ b/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/sys_hastatus.go
@@ -35,14 +35,15 @@ type HAStatusResponse struct {
}
type HANode struct {
- Hostname string `json:"hostname"`
- APIAddress string `json:"api_address"`
- ClusterAddress string `json:"cluster_address"`
- ActiveNode bool `json:"active_node"`
- LastEcho *time.Time `json:"last_echo"`
- EchoDurationMillis int64 `json:"echo_duration_ms"`
- ClockSkewMillis int64 `json:"clock_skew_ms"`
- Version string `json:"version"`
- UpgradeVersion string `json:"upgrade_version,omitempty"`
- RedundancyZone string `json:"redundancy_zone,omitempty"`
+ Hostname string `json:"hostname"`
+ APIAddress string `json:"api_address"`
+ ClusterAddress string `json:"cluster_address"`
+ ActiveNode bool `json:"active_node"`
+ LastEcho *time.Time `json:"last_echo"`
+ EchoDurationMillis int64 `json:"echo_duration_ms"`
+ ClockSkewMillis int64 `json:"clock_skew_ms"`
+ Version string `json:"version"`
+ UpgradeVersion string `json:"upgrade_version,omitempty"`
+ RedundancyZone string `json:"redundancy_zone,omitempty"`
+ ReplicationPrimaryCanaryAgeMillis int64 `json:"replication_primary_canary_age_ms"`
}
|
Verify codegen:
third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/sys_health.go#L1
Please run ./hack/update-codegen.sh.
diff --git a/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/sys_health.go b/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/sys_health.go
index 0dc84988..6868b96d 100644
--- a/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/sys_health.go
+++ b/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/sys_health.go
@@ -38,18 +38,19 @@ func (c *Sys) HealthWithContext(ctx context.Context) (*HealthResponse, error) {
}
type HealthResponse struct {
- Initialized bool `json:"initialized"`
- Sealed bool `json:"sealed"`
- Standby bool `json:"standby"`
- PerformanceStandby bool `json:"performance_standby"`
- ReplicationPerformanceMode string `json:"replication_performance_mode"`
- ReplicationDRMode string `json:"replication_dr_mode"`
- ServerTimeUTC int64 `json:"server_time_utc"`
- Version string `json:"version"`
- ClusterName string `json:"cluster_name,omitempty"`
- ClusterID string `json:"cluster_id,omitempty"`
- LastWAL uint64 `json:"last_wal,omitempty"`
- Enterprise bool `json:"enterprise"`
- EchoDurationMillis int64 `json:"echo_duration_ms"`
- ClockSkewMillis int64 `json:"clock_skew_ms"`
+ Initialized bool `json:"initialized"`
+ Sealed bool `json:"sealed"`
+ Standby bool `json:"standby"`
+ PerformanceStandby bool `json:"performance_standby"`
+ ReplicationPerformanceMode string `json:"replication_performance_mode"`
+ ReplicationDRMode string `json:"replication_dr_mode"`
+ ServerTimeUTC int64 `json:"server_time_utc"`
+ Version string `json:"version"`
+ ClusterName string `json:"cluster_name,omitempty"`
+ ClusterID string `json:"cluster_id,omitempty"`
+ LastWAL uint64 `json:"last_wal,omitempty"`
+ Enterprise bool `json:"enterprise"`
+ EchoDurationMillis int64 `json:"echo_duration_ms"`
+ ClockSkewMillis int64 `json:"clock_skew_ms"`
+ ReplicationPrimaryCanaryAgeMillis int64 `json:"replication_primary_canary_age_ms"`
}
|
Verify codegen:
third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/sys_raft.go#L1
Please run ./hack/update-codegen.sh.
diff --git a/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/sys_raft.go b/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/sys_raft.go
index 4b9487c6..699f6e9f 100644
--- a/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/sys_raft.go
+++ b/third_party/VENDOR-LICENSE/github.com/hashicorp/vault/api/sys_raft.go
@@ -9,6 +9,7 @@ import (
"context"
"encoding/json"
"errors"
+ "fmt"
"io"
"io/ioutil"
"net/http"
@@ -100,6 +101,23 @@ type AutopilotState struct {
OptimisticFailureTolerance int `mapstructure:"optimistic_failure_tolerance,omitempty"`
}
+func (a *AutopilotState) String() string {
+ var result string
+ result += fmt.Sprintf("Healthy: %t. FailureTolerance: %d. Leader: %s. OptimisticFailureTolerance: %d\n", a.Healthy, a.FailureTolerance, a.Leader, a.OptimisticFailureTolerance)
+ for _, s := range a.Servers {
+ result += fmt.Sprintf("Server: %s\n", s)
+ }
+ result += fmt.Sprintf("Voters: %v\n", a.Voters)
+ result += fmt.Sprintf("NonVoters: %v\n", a.NonVoters)
+
+ for name, zone := range a.RedundancyZones {
+ result += fmt.Sprintf("RedundancyZone %s: %s\n", name, &zone)
+ }
+
+ result += fmt.Sprintf("Upgrade: %s", a.Upgrade)
+ return result
+}
+
// AutopilotServer represents the server blocks in the response of the raft
// autopilot state API.
type AutopilotServer struct {
@@ -119,12 +137,21 @@ type AutopilotServer struct {
NodeType string `mapstructure:"node_type,omitempty"`
}
+func (a *AutopilotServer) String() string {
+ return fmt.Sprintf("ID: %s. Name: %s. Address: %s. NodeStatus: %s. LastContact: %s. LastTerm: %d. LastIndex: %d. Healthy: %t. StableSince: %s. Status: %s. Version: %s. UpgradeVersion: %s. RedundancyZone: %s. NodeType: %s",
+ a.ID, a.Name, a.Address, a.NodeStatus, a.LastContact, a.LastTerm, a.LastIndex, a.Healthy, a.StableSince, a.Status, a.Version, a.UpgradeVersion, a.RedundancyZone, a.NodeType)
+}
+
type AutopilotZone struct {
Servers []string `mapstructure:"servers,omitempty"`
Voters []string `mapstructure:"voters,omitempty"`
FailureTolerance int `mapstructure:"failure_tolerance,omitempty"`
}
+func (a *AutopilotZone) String() string {
+ return fmt.Sprintf("Servers: %v. Voters: %v. FailureTolerance: %d", a.Servers, a.Voters, a.FailureTolerance)
+}
+
type AutopilotUpgrade struct {
Status string `mapstructure:"status"`
TargetVersion string `mapstructure:"target_version,omitempty"`
@@ -137,6 +164,17 @@ type AutopilotUpgrade struct {
RedundancyZones map[string]AutopilotZoneUpgradeVersions `mapstructure:"redundancy_zones,omitempty"`
}
+func (a *AutopilotUpgrade) String() string {
+ result := fmt.Sprintf("Status: %s. TargetVersion: %s. TargetVersionVoters: %v. TargetVersionNonVoters: %v. TargetVersionReadReplicas: %v. OtherVersionVoters: %v. OtherVersionNonVoters: %v. OtherVersionReadReplicas: %v",
+ a.Status, a.TargetVersion, a.TargetVersionVoters, a.TargetVersionNonVoters, a.TargetVersionReadReplicas, a.OtherVersionVoters, a.OtherVersionNonVoters, a.OtherVersionReadReplicas)
+
+ for name, zone := range a.RedundancyZones {
+ result += fmt.Sprintf("Redundancy Zone %s: %s", name, zone)
+ }
+
+ return result
+}
+
type AutopilotZoneUpgradeVersions struct {
TargetVersionVoters []string `mapstructure:"target_version_voters,omitempty"`
TargetVersionNonVoters []string `mapstructure:"target_version_non_voters,omitempty"`
@@ -144,6 +182,11 @@ type AutopilotZoneUpgradeVersions struct {
OtherVersionNonVoters []string `mapstructure:"other_version_non_voters,omitempty"`
}
+func (a *AutopilotZoneUpgradeVersions) String() string {
+ return fmt.Sprintf("TargetVersionVoters: %v. TargetVersionNonVoters: %v. OtherVersionVoters: %v. OtherVersionNonVoters: %v",
+ a.TargetVersionVoters, a.TargetVersionNonVoters, a.OtherVersionVoters, a.OtherVersionNonVoters)
+}
+
// RaftJoin wraps RaftJoinWithContext using context.Background.
func (c *Sys) Ra
|
Verify codegen
Process completed with exit code 1.
|
Verify codegen
Restore cache failed: Dependencies file is not found in /home/runner/work/policy-controller/policy-controller. Supported file pattern: go.sum
|