From 047f6b90562f81159633d7486cd58f3b7e35e70b Mon Sep 17 00:00:00 2001 From: Jonathan Chang Date: Tue, 25 Feb 2025 14:47:42 -0800 Subject: [PATCH] Remove External Auth, will be add back. Fields that were removed are ExternalAuthConfigProfile ExternalAuthProfile TokenIssuerProfile ExternalAuthClientProfile ExternalAuthClaimProfile ExternalAuthClientComponentProfile TokenClaimMappingsProfile TokenClaimValidationRuleProfile ClaimProfile --- .../hcpCluster-models.tsp | 119 ------- .../preview/2024-06-10-preview/openapi.json | 227 ------------- frontend/go.mod | 15 +- frontend/go.sum | 52 +-- frontend/pkg/frontend/ocm.go | 5 - frontend/utils/create.go | 3 +- go.work.sum | 2 + internal/api/hcpopenshiftcluster.go | 29 +- .../api/v20240610preview/generated/models.go | 106 +----- .../generated/models_serde.go | 321 ------------------ .../hcpopenshiftclusters_methods.go | 171 ---------- internal/go.mod | 19 +- internal/go.sum | 58 ---- 13 files changed, 24 insertions(+), 1103 deletions(-) diff --git a/api/redhatopenshift/HcpCluster.Management/hcpCluster-models.tsp b/api/redhatopenshift/HcpCluster.Management/hcpCluster-models.tsp index eda58bb07..fd783761f 100644 --- a/api/redhatopenshift/HcpCluster.Management/hcpCluster-models.tsp +++ b/api/redhatopenshift/HcpCluster.Management/hcpCluster-models.tsp @@ -94,12 +94,6 @@ model HcpOpenShiftClusterProperties { */ @visibility("read") issuerUrl: url; - - /** Configuration to override the openshift-oauth-apiserver inside cluster - * This changes user login into the cluster to external provider - */ - @visibility("create", "read") - externalAuth?: ExternalAuthConfigProfile; } /** HCP patchable cluster properties */ @@ -361,119 +355,6 @@ scalar UserAssignedIdentityResourceId * ======================================= */ -/* - * ======================================= - * ExternalAuth resources - * ======================================= - */ - -/** External authentication configuration profile */ -model ExternalAuthConfigProfile { - /** This can be set during cluster creation only to ensure there is no openshift-oauth-apiserver in cluster */ - @visibility("create", "read") - enabled?: boolean = false; - - /** This can only be set as a day-2 resource on a separate endpoint to provide a self-managed auth service */ - @visibility("read") - @OpenAPI.extension("x-ms-identifiers", ["issuer", "clients", "claim"]) - externalAuths: ExternalAuthProfile[]; -} - -/** External authentication profile */ -model ExternalAuthProfile { - /** Token Issuer profile */ - issuer: TokenIssuerProfile; - - /** External auth clients */ - clients: ExternalAuthClientProfile[]; - - /** External auth claim */ - claim: ExternalAuthClaimProfile; -} - -/** Token issuer profile */ -model TokenIssuerProfile { - /** The URL of the token issuer */ - url: url; - - /** The audience of the token issuer */ - audiences: string[]; - - /** The issuer of the token */ - ca: string; -} - -/** External auth client profile */ -model ExternalAuthClientProfile { - /** External auth client component */ - component: ExternalAuthClientComponentProfile; - - /** external auth client id */ - id: string; - - /** external auth client secret */ - @secret - secret: string; - - /** external auth client scopes */ - extraScopes: string[]; -} - -/** External auth component profile */ -model ExternalAuthClientComponentProfile { - /** The name of the external auth client */ - name: string; - - /** The namespace of the external auth client */ - authClientNamespace: string; -} - -/** External auth claim profile */ -model ExternalAuthClaimProfile { - /** The claim mappings */ - mappings: TokenClaimMappingsProfile; - - /** The claim validation rules */ - @OpenAPI.extension("x-ms-identifiers", ["claim", "requiredValue"]) - validationRules: TokenClaimValidationRuleProfile[]; -} - -/** External auth claim mappings profile */ -model TokenClaimMappingsProfile { - /** The claim mappings username */ - username: ClaimProfile; - - /** The claim mappings groups */ - groups: ClaimProfile; -} - -/** External auth claim profile */ -model ClaimProfile { - /** Claim name of the external profile */ - claim: string; - - /** Prefix for the claim external profile */ - prefix: string; - - /** Prefix policy */ - prefixPolicy: string; -} - -/** External auth claim validation rule */ -model TokenClaimValidationRuleProfile { - /** Claim name for the validation profile */ - claim: string; - - /** Required value */ - requiredValue: string; -} - -/* - * ======================================= - * End ExternalAuth resources - * ======================================= - */ - /* * ======================================= * NodePool resources diff --git a/api/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/hcpclusters/preview/2024-06-10-preview/openapi.json b/api/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/hcpclusters/preview/2024-06-10-preview/openapi.json index fbbbc6e98..dcb6c44ea 100644 --- a/api/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/hcpclusters/preview/2024-06-10-preview/openapi.json +++ b/api/redhatopenshift/resource-manager/Microsoft.RedHatOpenShift/hcpclusters/preview/2024-06-10-preview/openapi.json @@ -976,29 +976,6 @@ }, "readOnly": true }, - "ClaimProfile": { - "type": "object", - "description": "External auth claim profile", - "properties": { - "claim": { - "type": "string", - "description": "Claim name of the external profile" - }, - "prefix": { - "type": "string", - "description": "Prefix for the claim external profile" - }, - "prefixPolicy": { - "type": "string", - "description": "Prefix policy" - } - }, - "required": [ - "claim", - "prefix", - "prefixPolicy" - ] - }, "ConsoleProfile": { "type": "object", "description": "Configuration of the cluster web console", @@ -1065,139 +1042,6 @@ ] } }, - "ExternalAuthClaimProfile": { - "type": "object", - "description": "External auth claim profile", - "properties": { - "mappings": { - "$ref": "#/definitions/TokenClaimMappingsProfile", - "description": "The claim mappings" - }, - "validationRules": { - "type": "array", - "description": "The claim validation rules", - "items": { - "$ref": "#/definitions/TokenClaimValidationRuleProfile" - }, - "x-ms-identifiers": [ - "claim", - "requiredValue" - ] - } - }, - "required": [ - "mappings", - "validationRules" - ] - }, - "ExternalAuthClientComponentProfile": { - "type": "object", - "description": "External auth component profile", - "properties": { - "name": { - "type": "string", - "description": "The name of the external auth client" - }, - "authClientNamespace": { - "type": "string", - "description": "The namespace of the external auth client" - } - }, - "required": [ - "name", - "authClientNamespace" - ] - }, - "ExternalAuthClientProfile": { - "type": "object", - "description": "External auth client profile", - "properties": { - "component": { - "$ref": "#/definitions/ExternalAuthClientComponentProfile", - "description": "External auth client component" - }, - "id": { - "type": "string", - "description": "external auth client id" - }, - "secret": { - "type": "string", - "format": "password", - "description": "external auth client secret", - "x-ms-secret": true - }, - "extraScopes": { - "type": "array", - "description": "external auth client scopes", - "items": { - "type": "string" - } - } - }, - "required": [ - "component", - "id", - "secret", - "extraScopes" - ] - }, - "ExternalAuthConfigProfile": { - "type": "object", - "description": "External authentication configuration profile", - "properties": { - "enabled": { - "type": "boolean", - "description": "This can be set during cluster creation only to ensure there is no openshift-oauth-apiserver in cluster", - "default": false, - "x-ms-mutability": [ - "read", - "create" - ] - }, - "externalAuths": { - "type": "array", - "description": "This can only be set as a day-2 resource on a separate endpoint to provide a self-managed auth service", - "items": { - "$ref": "#/definitions/ExternalAuthProfile" - }, - "readOnly": true, - "x-ms-identifiers": [ - "issuer", - "clients", - "claim" - ] - } - }, - "required": [ - "externalAuths" - ] - }, - "ExternalAuthProfile": { - "type": "object", - "description": "External authentication profile", - "properties": { - "issuer": { - "$ref": "#/definitions/TokenIssuerProfile", - "description": "Token Issuer profile" - }, - "clients": { - "type": "array", - "description": "External auth clients", - "items": { - "$ref": "#/definitions/ExternalAuthClientProfile" - } - }, - "claim": { - "$ref": "#/definitions/ExternalAuthClaimProfile", - "description": "External auth claim" - } - }, - "required": [ - "issuer", - "clients", - "claim" - ] - }, "HcpOpenShiftClusterCredentials": { "type": "object", "description": "HCP cluster credentials", @@ -1412,14 +1256,6 @@ "format": "uri", "description": "URL for the OIDC provider to be used for authentication\nto authenticate against user Azure cloud account", "readOnly": true - }, - "externalAuth": { - "$ref": "#/definitions/ExternalAuthConfigProfile", - "description": "Configuration to override the openshift-oauth-apiserver inside cluster\nThis changes user login into the cluster to external provider", - "x-ms-mutability": [ - "read", - "create" - ] } }, "required": [ @@ -2023,69 +1859,6 @@ } } }, - "TokenClaimMappingsProfile": { - "type": "object", - "description": "External auth claim mappings profile", - "properties": { - "username": { - "$ref": "#/definitions/ClaimProfile", - "description": "The claim mappings username" - }, - "groups": { - "$ref": "#/definitions/ClaimProfile", - "description": "The claim mappings groups" - } - }, - "required": [ - "username", - "groups" - ] - }, - "TokenClaimValidationRuleProfile": { - "type": "object", - "description": "External auth claim validation rule", - "properties": { - "claim": { - "type": "string", - "description": "Claim name for the validation profile" - }, - "requiredValue": { - "type": "string", - "description": "Required value" - } - }, - "required": [ - "claim", - "requiredValue" - ] - }, - "TokenIssuerProfile": { - "type": "object", - "description": "Token issuer profile", - "properties": { - "url": { - "type": "string", - "format": "uri", - "description": "The URL of the token issuer" - }, - "audiences": { - "type": "array", - "description": "The audience of the token issuer", - "items": { - "type": "string" - } - }, - "ca": { - "type": "string", - "description": "The issuer of the token" - } - }, - "required": [ - "url", - "audiences", - "ca" - ] - }, "UserAssignedIdentitiesProfile": { "type": "object", "description": "Represents the information related to Azure User-Assigned managed identities needed\nto perform Operators authentication based on Azure User-Assigned Managed Identities", diff --git a/frontend/go.mod b/frontend/go.mod index fae4bd638..c327fc815 100644 --- a/frontend/go.mod +++ b/frontend/go.mod @@ -23,11 +23,11 @@ require ( require ( github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/felixge/httpsnoop v1.0.4 // indirect - github.com/fxamacker/cbor/v2 v2.7.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect + github.com/go-task/slim-sprig/v3 v3.0.0 // indirect + github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db // indirect github.com/grpc-ecosystem/grpc-gateway/v2 v2.25.1 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect - github.com/x448/float16 v0.8.4 // indirect go.opentelemetry.io/auto/sdk v1.1.0 // indirect go.opentelemetry.io/contrib/bridges/prometheus v0.59.0 // indirect go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.10.0 // indirect @@ -49,7 +49,6 @@ require ( google.golang.org/genproto/googleapis/api v0.0.0-20250115164207-1a7da9e5054f // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20250115164207-1a7da9e5054f // indirect google.golang.org/grpc v1.69.4 // indirect - sigs.k8s.io/yaml v1.4.0 // indirect ) require ( @@ -68,11 +67,9 @@ require ( github.com/go-playground/locales v0.14.1 // indirect github.com/go-playground/universal-translator v0.18.1 // indirect github.com/go-playground/validator/v10 v10.25.0 // indirect - github.com/gogo/protobuf v1.3.2 // indirect github.com/golang-jwt/jwt/v4 v4.5.1 // indirect github.com/golang-jwt/jwt/v5 v5.2.1 // indirect github.com/golang/glog v1.2.4 // indirect - github.com/google/gofuzz v1.2.0 // indirect github.com/gorilla/css v1.0.1 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/json-iterator/go v1.1.12 // indirect @@ -83,7 +80,6 @@ require ( github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/openshift/api v0.0.0-20240429104249-ac9356ba1784 github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect github.com/prometheus/client_model v0.6.1 github.com/prometheus/common v0.62.0 // indirect @@ -96,14 +92,7 @@ require ( golang.org/x/sys v0.30.0 // indirect golang.org/x/text v0.22.0 // indirect google.golang.org/protobuf v1.36.3 // indirect - gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/api v0.32.2 // indirect - k8s.io/apimachinery v0.32.2 // indirect - k8s.io/klog/v2 v2.130.1 // indirect - k8s.io/utils v0.0.0-20241210054802-24370beab758 // indirect - sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.5.0 // indirect ) replace github.com/Azure/ARO-HCP/internal => ../internal diff --git a/frontend/go.sum b/frontend/go.sum index 8232df741..307773610 100644 --- a/frontend/go.sum +++ b/frontend/go.sum @@ -39,8 +39,6 @@ github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0 github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= -github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= github.com/gabriel-vasile/mimetype v1.4.8 h1:FfZ3gj38NjllZIeJAmMhr+qKL8Wu+nOoI3GqacKw1NM= github.com/gabriel-vasile/mimetype v1.4.8/go.mod h1:ByKUIKGjh1ODkGM1asKUbQZOLGrPjydw3hYPU2YU9t8= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= @@ -58,8 +56,6 @@ github.com/go-playground/validator/v10 v10.25.0 h1:5Dh7cjvzR7BRZadnsVOzPhWsrwUr0 github.com/go-playground/validator/v10 v10.25.0/go.mod h1:GGzBIJMuE98Ic/kJsBXbz1x/7cByt++cQ+YOuDM5wus= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo= github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= @@ -68,12 +64,9 @@ github.com/golang/glog v1.2.4 h1:CNNw5U8lSiiBk7druxtSHHTsRWcxKoac6kZKm2peBBc= github.com/golang/glog v1.2.4/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= -github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo= github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= @@ -108,8 +101,6 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6 h1:IsMZxCuZqKuao2vNdfD82fjjgPLfyHLpR41Z88viRWs= github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6/go.mod h1:3VeWNIJaW+O5xpRQbPp0Ybqu1vJd/pm7s2F473HRrkw= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc= github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= @@ -135,8 +126,6 @@ github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= github.com/openshift-online/ocm-sdk-go v0.1.459 h1:n56ErJL8S2RPfpX6HGp2CmVyJ7k0GC4xnVYdO8Ky8XI= github.com/openshift-online/ocm-sdk-go v0.1.459/go.mod h1:CiAu2jwl3ITKOxkeV0Qnhzv4gs35AmpIzVABQLtcI2Y= -github.com/openshift/api v0.0.0-20240429104249-ac9356ba1784 h1:SmOZFMxuAH4d1Cj7dOftVyo4Wg/mEC4pwz6QIJJsAkc= -github.com/openshift/api v0.0.0-20240429104249-ac9356ba1784/go.mod h1:CxgbWAlvu2iQB0UmKTtRu1YfepRg1/vJ64n2DlIEVz4= github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ= github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= @@ -167,10 +156,6 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= -github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= -github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA= go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A= go.opentelemetry.io/contrib/bridges/prometheus v0.59.0 h1:HY2hJ7yn3KuEBBBsKxvF3ViSmzLwsgeNvD+0utRMgzc= @@ -223,9 +208,6 @@ go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/mock v0.5.0 h1:KAMbZvZPyBPWgD14IrIQ38QCyjwpvVVV6K/bHl1IwQU= go.uber.org/mock v0.5.0/go.mod h1:ge71pBPLYDk7QIi1LupWxdAykm7KIEFchiOqd6z7qMM= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.33.0 h1:IOBPskki6Lysi0lo9qQvbxiQ+FvsCC/YWOecCHAixus= golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= @@ -234,35 +216,21 @@ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c h1:7dEasQXItcW1xKJ2+gg5VOiBnqWrJc+rq0DPKyvvdbY= +golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c/go.mod h1:NQtJDoLvd6faHhE7m4T/1IY708gDefGGjR/iUW8yQQ8= golang.org/x/net v0.35.0 h1:T5GQRQb2y08kTAByq9L4/bz8cipCdA8FbRTXewonqY8= golang.org/x/net v0.35.0/go.mod h1:EglIi67kWsHKlRzzVMUD93VMSWGFOMSZgxFjparz1Qk= golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE= golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w= golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc= golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM= golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ= golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/genproto/googleapis/api v0.0.0-20250115164207-1a7da9e5054f h1:gap6+3Gk41EItBuyi4XX/bp4oqJ3UwuIMl25yGinuAA= google.golang.org/genproto/googleapis/api v0.0.0-20250115164207-1a7da9e5054f/go.mod h1:Ic02D47M+zbarjYYUlK57y316f2MoN0gjAwI3f2S95o= google.golang.org/genproto/googleapis/rpc v0.0.0-20250115164207-1a7da9e5054f h1:OxYkA3wjPsZyBylwymxSHa7ViiW1Sml4ToBrncvFehI= @@ -274,21 +242,5 @@ google.golang.org/protobuf v1.36.3/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojt gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.32.2 h1:bZrMLEkgizC24G9eViHGOPbW+aRo9duEISRIJKfdJuw= -k8s.io/api v0.32.2/go.mod h1:hKlhk4x1sJyYnHENsrdCWw31FEmCijNGPJO5WzHiJ6Y= -k8s.io/apimachinery v0.32.2 h1:yoQBR9ZGkA6Rgmhbp/yuT9/g+4lxtsGYwW6dR6BDPLQ= -k8s.io/apimachinery v0.32.2/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= -k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= -k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/utils v0.0.0-20241210054802-24370beab758 h1:sdbE21q2nlQtFh65saZY+rRM6x6aJJI8IUa1AmH/qa0= -k8s.io/utils v0.0.0-20241210054802-24370beab758/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= -sigs.k8s.io/structured-merge-diff/v4 v4.5.0 h1:nbCitCK2hfnhyiKo6uf2HxUPTCodY6Qaf85SbDIaMBk= -sigs.k8s.io/structured-merge-diff/v4 v4.5.0/go.mod h1:N8f93tFZh9U6vpxwRArLiikrE5/2tiu1w1AGfACIGE4= -sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= -sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/frontend/pkg/frontend/ocm.go b/frontend/pkg/frontend/ocm.go index 096229db4..c32146b1b 100644 --- a/frontend/pkg/frontend/ocm.go +++ b/frontend/pkg/frontend/ocm.go @@ -9,7 +9,6 @@ import ( "github.com/google/uuid" arohcpv1alpha1 "github.com/openshift-online/ocm-sdk-go/arohcp/v1alpha1" cmv1 "github.com/openshift-online/ocm-sdk-go/clustersmgmt/v1" - configv1 "github.com/openshift/api/config/v1" "github.com/Azure/ARO-HCP/internal/api" "github.com/Azure/ARO-HCP/internal/api/arm" @@ -117,10 +116,6 @@ func ConvertCStoHCPOpenShiftCluster(resourceID *azcorearm.ResourceID, cluster *a NetworkSecurityGroupID: cluster.Azure().NetworkSecurityGroupResourceID(), }, IssuerURL: "", - ExternalAuth: api.ExternalAuthConfigProfile{ - Enabled: false, - ExternalAuths: []*configv1.OIDCProvider{}, - }, }, } diff --git a/frontend/utils/create.go b/frontend/utils/create.go index 3d9ab02b1..82f3df72d 100644 --- a/frontend/utils/create.go +++ b/frontend/utils/create.go @@ -70,8 +70,7 @@ func CreateJSONFile() error { SubnetID: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/dev-test-rg/providers/Microsoft.Network/virtualNetworks/xyz/subnets/xyz", OutboundType: api.OutboundType("loadBalancer"), }, - IssuerURL: "", - ExternalAuth: api.ExternalAuthConfigProfile{}, + IssuerURL: "", }, } diff --git a/go.work.sum b/go.work.sum index 9427f60f6..ba4892ad7 100644 --- a/go.work.sum +++ b/go.work.sum @@ -1566,6 +1566,8 @@ github.com/opencontainers/selinux v1.11.1 h1:nHFvthhM0qY8/m+vfhJylliSshm8G1jJ2jD github.com/opencontainers/selinux v1.11.1/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec= github.com/openshift-online/ocm-sdk-go v0.1.424 h1:fTNC0qs/s3IZWym3g7R4aS0YtyEkKuoasKvru18iKAs= github.com/openshift-online/ocm-sdk-go v0.1.424/go.mod h1:CiAu2jwl3ITKOxkeV0Qnhzv4gs35AmpIzVABQLtcI2Y= +github.com/openshift/api v0.0.0-20240429104249-ac9356ba1784 h1:SmOZFMxuAH4d1Cj7dOftVyo4Wg/mEC4pwz6QIJJsAkc= +github.com/openshift/api v0.0.0-20240429104249-ac9356ba1784/go.mod h1:CxgbWAlvu2iQB0UmKTtRu1YfepRg1/vJ64n2DlIEVz4= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= diff --git a/internal/api/hcpopenshiftcluster.go b/internal/api/hcpopenshiftcluster.go index e2be3aa3c..bacb2982a 100644 --- a/internal/api/hcpopenshiftcluster.go +++ b/internal/api/hcpopenshiftcluster.go @@ -4,8 +4,6 @@ package api // Licensed under the Apache License 2.0. import ( - configv1 "github.com/openshift/api/config/v1" - "github.com/Azure/ARO-HCP/internal/api/arm" ) @@ -18,17 +16,16 @@ type HCPOpenShiftCluster struct { // HCPOpenShiftClusterProperties represents the property bag of a HCPOpenShiftCluster resource. type HCPOpenShiftClusterProperties struct { - ProvisioningState arm.ProvisioningState `json:"provisioningState,omitempty" visibility:"read"` - Version VersionProfile `json:"version,omitempty" visibility:"read create"` - DNS DNSProfile `json:"dns,omitempty" visibility:"read create update"` - Network NetworkProfile `json:"network,omitempty" visibility:"read create"` - Console ConsoleProfile `json:"console,omitempty" visibility:"read"` - API APIProfile `json:"api,omitempty" visibility:"read create"` - DisableUserWorkloadMonitoring bool `json:"disableUserWorkloadMonitoring,omitempty" visibility:"read create update"` - Proxy ProxyProfile `json:"proxy,omitempty" visibility:"read create update"` - Platform PlatformProfile `json:"platform,omitempty" visibility:"read create"` - IssuerURL string `json:"issuerUrl,omitempty" visibility:"read"` - ExternalAuth ExternalAuthConfigProfile `json:"externalAuth,omitempty" visibility:"read create"` + ProvisioningState arm.ProvisioningState `json:"provisioningState,omitempty" visibility:"read"` + Version VersionProfile `json:"version,omitempty" visibility:"read create"` + DNS DNSProfile `json:"dns,omitempty" visibility:"read create update"` + Network NetworkProfile `json:"network,omitempty" visibility:"read create"` + Console ConsoleProfile `json:"console,omitempty" visibility:"read"` + API APIProfile `json:"api,omitempty" visibility:"read create"` + DisableUserWorkloadMonitoring bool `json:"disableUserWorkloadMonitoring,omitempty" visibility:"read create update"` + Proxy ProxyProfile `json:"proxy,omitempty" visibility:"read create update"` + Platform PlatformProfile `json:"platform,omitempty" visibility:"read create"` + IssuerURL string `json:"issuerUrl,omitempty" visibility:"read"` } // VersionProfile represents the cluster control plane version. @@ -99,12 +96,6 @@ type UserAssignedIdentitiesProfile struct { ServiceManagedIdentity string `json:"serviceManagedIdentity,omitempty" validate:"omitempty,resource_id=Microsoft.ManagedIdentity/userAssignedIdentities"` } -// ExternalAuthConfigProfile represents the external authentication configuration. -type ExternalAuthConfigProfile struct { - Enabled bool `json:"enabled,omitempty" visibility:"read create"` - ExternalAuths []*configv1.OIDCProvider `json:"externalAuths,omitempty" visibility:"read"` -} - // Creates an HCPOpenShiftCluster with any non-zero default values. func NewDefaultHCPOpenShiftCluster() *HCPOpenShiftCluster { return &HCPOpenShiftCluster{ diff --git a/internal/api/v20240610preview/generated/models.go b/internal/api/v20240610preview/generated/models.go index c7f7161fd..11c4945ae 100644 --- a/internal/api/v20240610preview/generated/models.go +++ b/internal/api/v20240610preview/generated/models.go @@ -18,18 +18,6 @@ type APIProfile struct { URL *string } -// ClaimProfile - External auth claim profile -type ClaimProfile struct { - // REQUIRED; Claim name of the external profile - Claim *string - - // REQUIRED; Prefix for the claim external profile - Prefix *string - - // REQUIRED; Prefix policy - PrefixPolicy *string -} - type ComponentsQjfoe3SchemasManagedserviceidentityupdatePropertiesUserassignedidentitiesAdditionalproperties struct { // READ-ONLY; The client ID of the assigned identity. ClientID *string @@ -88,60 +76,6 @@ type ErrorResponse struct { Error *ErrorDetail } -// ExternalAuthClaimProfile - External auth claim profile -type ExternalAuthClaimProfile struct { - // REQUIRED; The claim mappings - Mappings *TokenClaimMappingsProfile - - // REQUIRED; The claim validation rules - ValidationRules []*TokenClaimValidationRuleProfile -} - -// ExternalAuthClientComponentProfile - External auth component profile -type ExternalAuthClientComponentProfile struct { - // REQUIRED; The namespace of the external auth client - AuthClientNamespace *string - - // REQUIRED; The name of the external auth client - Name *string -} - -// ExternalAuthClientProfile - External auth client profile -type ExternalAuthClientProfile struct { - // REQUIRED; External auth client component - Component *ExternalAuthClientComponentProfile - - // REQUIRED; external auth client scopes - ExtraScopes []*string - - // REQUIRED; external auth client id - ID *string - - // REQUIRED; external auth client secret - Secret *string -} - -// ExternalAuthConfigProfile - External authentication configuration profile -type ExternalAuthConfigProfile struct { - // READ-ONLY; This can only be set as a day-2 resource on a separate endpoint to provide a self-managed auth service - ExternalAuths []*ExternalAuthProfile - - // This can be set during cluster creation only to ensure there is no openshift-oauth-apiserver in cluster - Enabled *bool -} - -// ExternalAuthProfile - External authentication profile -type ExternalAuthProfile struct { - // REQUIRED; External auth claim - Claim *ExternalAuthClaimProfile - - // REQUIRED; External auth clients - Clients []*ExternalAuthClientProfile - - // REQUIRED; Token Issuer profile - Issuer *TokenIssuerProfile -} - // HcpOpenShiftClusterCredentials - HCP cluster credentials type HcpOpenShiftClusterCredentials struct { // READ-ONLY; kube admin password @@ -235,19 +169,12 @@ type HcpOpenShiftClusterProperties struct { // REQUIRED; Version of the control plane components Version *VersionProfile - // READ-ONLY; URL for the OIDC provider to be used for authentication to authenticate against user Azure cloud account - IssuerURL *string - // Cluster DNS configuration DNS *DNSProfile // Disable user workload monitoring DisableUserWorkloadMonitoring *bool - // Configuration to override the openshift-oauth-apiserver inside cluster This changes user login into the cluster to external -// provider - ExternalAuth *ExternalAuthConfigProfile - // Cluster network configuration Network *NetworkProfile @@ -263,6 +190,9 @@ type HcpOpenShiftClusterProperties struct { // READ-ONLY; Shows the cluster web console information Console *ConsoleProfile + // READ-ONLY; URL for the OIDC provider to be used for authentication to authenticate against user Azure cloud account + IssuerURL *string + // READ-ONLY; The status of the last operation. ProvisioningState *ProvisioningState } @@ -646,36 +576,6 @@ type Taint struct { Value *string } -// TokenClaimMappingsProfile - External auth claim mappings profile -type TokenClaimMappingsProfile struct { - // REQUIRED; The claim mappings groups - Groups *ClaimProfile - - // REQUIRED; The claim mappings username - Username *ClaimProfile -} - -// TokenClaimValidationRuleProfile - External auth claim validation rule -type TokenClaimValidationRuleProfile struct { - // REQUIRED; Claim name for the validation profile - Claim *string - - // REQUIRED; Required value - RequiredValue *string -} - -// TokenIssuerProfile - Token issuer profile -type TokenIssuerProfile struct { - // REQUIRED; The audience of the token issuer - Audiences []*string - - // REQUIRED; The issuer of the token - Ca *string - - // REQUIRED; The URL of the token issuer - URL *string -} - // TrackedResource - The resource model definition for an Azure Resource Manager tracked top level resource which has 'tags' // and a 'location' type TrackedResource struct { diff --git a/internal/api/v20240610preview/generated/models_serde.go b/internal/api/v20240610preview/generated/models_serde.go index 75090e99c..cf9382757 100644 --- a/internal/api/v20240610preview/generated/models_serde.go +++ b/internal/api/v20240610preview/generated/models_serde.go @@ -47,43 +47,6 @@ func (a *APIProfile) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ClaimProfile. -func (c ClaimProfile) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "claim", c.Claim) - populate(objectMap, "prefix", c.Prefix) - populate(objectMap, "prefixPolicy", c.PrefixPolicy) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type ClaimProfile. -func (c *ClaimProfile) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", c, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "claim": - err = unpopulate(val, "Claim", &c.Claim) - delete(rawMsg, key) - case "prefix": - err = unpopulate(val, "Prefix", &c.Prefix) - delete(rawMsg, key) - case "prefixPolicy": - err = unpopulate(val, "PrefixPolicy", &c.PrefixPolicy) - delete(rawMsg, key) - default: - err = fmt.Errorf("unmarshalling type %T, unknown field %q", c, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", c, err) - } - } - return nil -} - // MarshalJSON implements the json.Marshaller interface for type ComponentsQjfoe3SchemasManagedserviceidentityupdatePropertiesUserassignedidentitiesAdditionalproperties. func (c ComponentsQjfoe3SchemasManagedserviceidentityupdatePropertiesUserassignedidentitiesAdditionalproperties) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) @@ -286,183 +249,6 @@ func (e *ErrorResponse) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type ExternalAuthClaimProfile. -func (e ExternalAuthClaimProfile) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "mappings", e.Mappings) - populate(objectMap, "validationRules", e.ValidationRules) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type ExternalAuthClaimProfile. -func (e *ExternalAuthClaimProfile) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "mappings": - err = unpopulate(val, "Mappings", &e.Mappings) - delete(rawMsg, key) - case "validationRules": - err = unpopulate(val, "ValidationRules", &e.ValidationRules) - delete(rawMsg, key) - default: - err = fmt.Errorf("unmarshalling type %T, unknown field %q", e, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type ExternalAuthClientComponentProfile. -func (e ExternalAuthClientComponentProfile) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "authClientNamespace", e.AuthClientNamespace) - populate(objectMap, "name", e.Name) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type ExternalAuthClientComponentProfile. -func (e *ExternalAuthClientComponentProfile) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "authClientNamespace": - err = unpopulate(val, "AuthClientNamespace", &e.AuthClientNamespace) - delete(rawMsg, key) - case "name": - err = unpopulate(val, "Name", &e.Name) - delete(rawMsg, key) - default: - err = fmt.Errorf("unmarshalling type %T, unknown field %q", e, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type ExternalAuthClientProfile. -func (e ExternalAuthClientProfile) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "component", e.Component) - populate(objectMap, "extraScopes", e.ExtraScopes) - populate(objectMap, "id", e.ID) - populate(objectMap, "secret", e.Secret) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type ExternalAuthClientProfile. -func (e *ExternalAuthClientProfile) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "component": - err = unpopulate(val, "Component", &e.Component) - delete(rawMsg, key) - case "extraScopes": - err = unpopulate(val, "ExtraScopes", &e.ExtraScopes) - delete(rawMsg, key) - case "id": - err = unpopulate(val, "ID", &e.ID) - delete(rawMsg, key) - case "secret": - err = unpopulate(val, "Secret", &e.Secret) - delete(rawMsg, key) - default: - err = fmt.Errorf("unmarshalling type %T, unknown field %q", e, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type ExternalAuthConfigProfile. -func (e ExternalAuthConfigProfile) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "enabled", e.Enabled) - populate(objectMap, "externalAuths", e.ExternalAuths) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type ExternalAuthConfigProfile. -func (e *ExternalAuthConfigProfile) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "enabled": - err = unpopulate(val, "Enabled", &e.Enabled) - delete(rawMsg, key) - case "externalAuths": - err = unpopulate(val, "ExternalAuths", &e.ExternalAuths) - delete(rawMsg, key) - default: - err = fmt.Errorf("unmarshalling type %T, unknown field %q", e, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type ExternalAuthProfile. -func (e ExternalAuthProfile) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "claim", e.Claim) - populate(objectMap, "clients", e.Clients) - populate(objectMap, "issuer", e.Issuer) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type ExternalAuthProfile. -func (e *ExternalAuthProfile) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "claim": - err = unpopulate(val, "Claim", &e.Claim) - delete(rawMsg, key) - case "clients": - err = unpopulate(val, "Clients", &e.Clients) - delete(rawMsg, key) - case "issuer": - err = unpopulate(val, "Issuer", &e.Issuer) - delete(rawMsg, key) - default: - err = fmt.Errorf("unmarshalling type %T, unknown field %q", e, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", e, err) - } - } - return nil -} - // MarshalJSON implements the json.Marshaller interface for type HcpOpenShiftClusterCredentials. func (h HcpOpenShiftClusterCredentials) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) @@ -733,7 +519,6 @@ func (h HcpOpenShiftClusterProperties) MarshalJSON() ([]byte, error) { populate(objectMap, "console", h.Console) populate(objectMap, "dns", h.DNS) populate(objectMap, "disableUserWorkloadMonitoring", h.DisableUserWorkloadMonitoring) - populate(objectMap, "externalAuth", h.ExternalAuth) populate(objectMap, "issuerUrl", h.IssuerURL) populate(objectMap, "network", h.Network) populate(objectMap, "platform", h.Platform) @@ -764,9 +549,6 @@ func (h *HcpOpenShiftClusterProperties) UnmarshalJSON(data []byte) error { case "disableUserWorkloadMonitoring": err = unpopulate(val, "DisableUserWorkloadMonitoring", &h.DisableUserWorkloadMonitoring) delete(rawMsg, key) - case "externalAuth": - err = unpopulate(val, "ExternalAuth", &h.ExternalAuth) - delete(rawMsg, key) case "issuerUrl": err = unpopulate(val, "IssuerURL", &h.IssuerURL) delete(rawMsg, key) @@ -1750,109 +1532,6 @@ func (t *Taint) UnmarshalJSON(data []byte) error { return nil } -// MarshalJSON implements the json.Marshaller interface for type TokenClaimMappingsProfile. -func (t TokenClaimMappingsProfile) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "groups", t.Groups) - populate(objectMap, "username", t.Username) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type TokenClaimMappingsProfile. -func (t *TokenClaimMappingsProfile) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "groups": - err = unpopulate(val, "Groups", &t.Groups) - delete(rawMsg, key) - case "username": - err = unpopulate(val, "Username", &t.Username) - delete(rawMsg, key) - default: - err = fmt.Errorf("unmarshalling type %T, unknown field %q", t, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type TokenClaimValidationRuleProfile. -func (t TokenClaimValidationRuleProfile) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "claim", t.Claim) - populate(objectMap, "requiredValue", t.RequiredValue) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type TokenClaimValidationRuleProfile. -func (t *TokenClaimValidationRuleProfile) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "claim": - err = unpopulate(val, "Claim", &t.Claim) - delete(rawMsg, key) - case "requiredValue": - err = unpopulate(val, "RequiredValue", &t.RequiredValue) - delete(rawMsg, key) - default: - err = fmt.Errorf("unmarshalling type %T, unknown field %q", t, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) - } - } - return nil -} - -// MarshalJSON implements the json.Marshaller interface for type TokenIssuerProfile. -func (t TokenIssuerProfile) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]any) - populate(objectMap, "audiences", t.Audiences) - populate(objectMap, "ca", t.Ca) - populate(objectMap, "url", t.URL) - return json.Marshal(objectMap) -} - -// UnmarshalJSON implements the json.Unmarshaller interface for type TokenIssuerProfile. -func (t *TokenIssuerProfile) UnmarshalJSON(data []byte) error { - var rawMsg map[string]json.RawMessage - if err := json.Unmarshal(data, &rawMsg); err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) - } - for key, val := range rawMsg { - var err error - switch key { - case "audiences": - err = unpopulate(val, "Audiences", &t.Audiences) - delete(rawMsg, key) - case "ca": - err = unpopulate(val, "Ca", &t.Ca) - delete(rawMsg, key) - case "url": - err = unpopulate(val, "URL", &t.URL) - delete(rawMsg, key) - default: - err = fmt.Errorf("unmarshalling type %T, unknown field %q", t, key) - } - if err != nil { - return fmt.Errorf("unmarshalling type %T: %v", t, err) - } - } - return nil -} - // MarshalJSON implements the json.Marshaller interface for type TrackedResource. func (t TrackedResource) MarshalJSON() ([]byte, error) { objectMap := make(map[string]any) diff --git a/internal/api/v20240610preview/hcpopenshiftclusters_methods.go b/internal/api/v20240610preview/hcpopenshiftclusters_methods.go index 53ba413eb..7abd1cffe 100644 --- a/internal/api/v20240610preview/hcpopenshiftclusters_methods.go +++ b/internal/api/v20240610preview/hcpopenshiftclusters_methods.go @@ -7,8 +7,6 @@ import ( "fmt" "net/http" - configv1 "github.com/openshift/api/config/v1" - "github.com/Azure/ARO-HCP/internal/api" "github.com/Azure/ARO-HCP/internal/api/arm" "github.com/Azure/ARO-HCP/internal/api/v20240610preview/generated" @@ -89,72 +87,6 @@ func newUserAssignedIdentitiesProfile(from *api.UserAssignedIdentitiesProfile) * } } -func newExternalAuthProfile(from *configv1.OIDCProvider) *generated.ExternalAuthProfile { - out := &generated.ExternalAuthProfile{ - Issuer: &generated.TokenIssuerProfile{ - URL: api.Ptr(from.Issuer.URL), - Audiences: make([]*string, len(from.Issuer.Audiences)), - Ca: api.Ptr(from.Issuer.CertificateAuthority.Name), - }, - Clients: make([]*generated.ExternalAuthClientProfile, len(from.OIDCClients)), - Claim: &generated.ExternalAuthClaimProfile{ - Mappings: &generated.TokenClaimMappingsProfile{ - Username: &generated.ClaimProfile{ - Claim: api.Ptr(from.ClaimMappings.Username.Claim), - PrefixPolicy: api.Ptr(string(from.ClaimMappings.Username.PrefixPolicy)), - }, - Groups: &generated.ClaimProfile{ - Claim: api.Ptr(from.ClaimMappings.Groups.Claim), - Prefix: api.Ptr(from.ClaimMappings.Groups.Prefix), - }, - }, - ValidationRules: make([]*generated.TokenClaimValidationRuleProfile, len(from.ClaimValidationRules)), - }, - } - - for index, item := range from.Issuer.Audiences { - out.Issuer.Audiences[index] = api.Ptr(string(item)) - } - - for index, item := range from.OIDCClients { - out.Clients[index] = newExternalAuthClientProfile(item) - } - - if from.ClaimMappings.Username.Prefix != nil { - out.Claim.Mappings.Username.Prefix = api.Ptr(from.ClaimMappings.Username.Prefix.PrefixString) - } - - for index, item := range from.ClaimValidationRules { - out.Claim.ValidationRules[index] = newTokenClaimValidationRuleProfile(item) - } - - return out -} - -func newTokenClaimValidationRuleProfile(from configv1.TokenClaimValidationRule) *generated.TokenClaimValidationRuleProfile { - if from.RequiredClaim == nil { - // Should never happen since we create these rules. - panic("TokenClaimValidationRule has no RequiredClaim") - } - - return &generated.TokenClaimValidationRuleProfile{ - Claim: api.Ptr(from.RequiredClaim.Claim), - RequiredValue: api.Ptr(from.RequiredClaim.RequiredValue), - } -} - -func newExternalAuthClientProfile(from configv1.OIDCClientConfig) *generated.ExternalAuthClientProfile { - return &generated.ExternalAuthClientProfile{ - Component: &generated.ExternalAuthClientComponentProfile{ - Name: api.Ptr(from.ComponentName), - AuthClientNamespace: api.Ptr(from.ComponentNamespace), - }, - ID: api.Ptr(from.ClientID), - Secret: api.Ptr(from.ClientSecret.Name), - ExtraScopes: api.StringSliceToStringPtrSlice(from.ExtraScopes), - } -} - func (v version) NewHCPOpenShiftCluster(from *api.HCPOpenShiftCluster) api.VersionedHCPOpenShiftCluster { if from == nil { from = api.NewDefaultHCPOpenShiftCluster() @@ -185,10 +117,6 @@ func (v version) NewHCPOpenShiftCluster(from *api.HCPOpenShiftCluster) api.Versi Proxy: newProxyProfile(&from.Properties.Proxy), Platform: newPlatformProfile(&from.Properties.Platform), IssuerURL: api.Ptr(from.Properties.IssuerURL), - ExternalAuth: &generated.ExternalAuthConfigProfile{ - Enabled: api.Ptr(from.Properties.ExternalAuth.Enabled), - ExternalAuths: make([]*generated.ExternalAuthProfile, len(from.Properties.ExternalAuth.ExternalAuths)), - }, }, }, } @@ -204,10 +132,6 @@ func (v version) NewHCPOpenShiftCluster(from *api.HCPOpenShiftCluster) api.Versi } } - for index, item := range from.Properties.ExternalAuth.ExternalAuths { - out.Properties.ExternalAuth.ExternalAuths[index] = newExternalAuthProfile(item) - } - return out } @@ -295,9 +219,6 @@ func (c *HcpOpenShiftClusterResource) Normalize(out *api.HCPOpenShiftCluster) { if c.Properties.IssuerURL != nil { out.Properties.IssuerURL = *c.Properties.IssuerURL } - if c.Properties.ExternalAuth != nil { - normalizeExternalAuthConfig(c.Properties.ExternalAuth, &out.Properties.ExternalAuth) - } } } } @@ -522,98 +443,6 @@ func normalizeUserAssignedIdentities(p *generated.UserAssignedIdentitiesProfile, } } -func normalizeExternalAuthConfig(p *generated.ExternalAuthConfigProfile, out *api.ExternalAuthConfigProfile) { - if p.Enabled != nil { - out.Enabled = *p.Enabled - } - out.ExternalAuths = []*configv1.OIDCProvider{} - for _, item := range api.DeleteNilsFromPtrSlice(p.ExternalAuths) { - provider := &configv1.OIDCProvider{} - - if item.Issuer != nil { - if item.Issuer.URL != nil { - provider.Issuer.URL = *item.Issuer.URL - } - provider.Issuer.Audiences = make([]configv1.TokenAudience, len(item.Issuer.Audiences)) - for index, audience := range item.Issuer.Audiences { - if audience != nil { - provider.Issuer.Audiences[index] = configv1.TokenAudience(*audience) - } - } - if item.Issuer.Ca != nil { - // Slight misuse of the field. It's meant to name a config map holding a - // "ca-bundle.crt" key, whereas we store the data directly in the Name field. - provider.Issuer.CertificateAuthority = configv1.ConfigMapNameReference{ - Name: *item.Issuer.Ca, - } - } - } - - clientSequence := api.DeleteNilsFromPtrSlice(item.Clients) - provider.OIDCClients = make([]configv1.OIDCClientConfig, len(clientSequence)) - for index, client := range clientSequence { - if client.Component != nil { - if client.Component.Name != nil { - provider.OIDCClients[index].ComponentName = *client.Component.Name - } - if client.Component.AuthClientNamespace != nil { - provider.OIDCClients[index].ComponentNamespace = *client.Component.AuthClientNamespace - } - } - if client.ID != nil { - provider.OIDCClients[index].ClientID = *client.ID - } - if client.Secret != nil { - // Slight misuse of the field. It's meant to name a secret holding a - // "clientSecret" key, whereas we store the data directly in the Name field. - provider.OIDCClients[index].ClientSecret.Name = *client.Secret - } - provider.OIDCClients[index].ExtraScopes = api.StringPtrSliceToStringSlice(client.ExtraScopes) - } - - if item.Claim != nil { - if item.Claim.Mappings != nil { - if item.Claim.Mappings.Username != nil { - if item.Claim.Mappings.Username.Claim != nil { - provider.ClaimMappings.Username.TokenClaimMapping.Claim = *item.Claim.Mappings.Username.Claim - } - if item.Claim.Mappings.Username.PrefixPolicy != nil { - provider.ClaimMappings.Username.PrefixPolicy = configv1.UsernamePrefixPolicy(*item.Claim.Mappings.Username.PrefixPolicy) - } - if item.Claim.Mappings.Username.Prefix != nil { - provider.ClaimMappings.Username.Prefix.PrefixString = *item.Claim.Mappings.Username.Prefix - } - } - if item.Claim.Mappings.Groups != nil { - if item.Claim.Mappings.Groups.Claim != nil { - provider.ClaimMappings.Groups.TokenClaimMapping.Claim = *item.Claim.Mappings.Groups.Claim - } - if item.Claim.Mappings.Groups.Prefix != nil { - provider.ClaimMappings.Groups.Prefix = *item.Claim.Mappings.Groups.Prefix - } - } - } - } - - validationRuleSequence := api.DeleteNilsFromPtrSlice(item.Claim.ValidationRules) - provider.ClaimValidationRules = make([]configv1.TokenClaimValidationRule, len(validationRuleSequence)) - for index, rule := range validationRuleSequence { - provider.ClaimValidationRules[index] = configv1.TokenClaimValidationRule{ - Type: configv1.TokenValidationRuleTypeRequiredClaim, - RequiredClaim: &configv1.TokenRequiredClaim{}, - } - if rule.Claim != nil { - provider.ClaimValidationRules[index].RequiredClaim.Claim = *rule.Claim - } - if rule.RequiredValue != nil { - provider.ClaimValidationRules[index].RequiredClaim.RequiredValue = *rule.RequiredValue - } - } - - out.ExternalAuths = append(out.ExternalAuths, provider) - } -} - func normalizeIdentityUserAssignedIdentities(p map[string]*generated.UserAssignedIdentity, out *map[string]*arm.UserAssignedIdentity) { if *out == nil { *out = make(map[string]*arm.UserAssignedIdentity) diff --git a/internal/go.mod b/internal/go.mod index 6e41645e7..ec84ee5f2 100644 --- a/internal/go.mod +++ b/internal/go.mod @@ -11,7 +11,6 @@ require ( github.com/google/go-cmp v0.7.0 github.com/google/uuid v1.6.0 github.com/openshift-online/ocm-sdk-go v0.1.459 - github.com/openshift/api v0.0.0-20240429104249-ac9356ba1784 go.opentelemetry.io/otel v1.34.0 go.uber.org/mock v0.5.0 ) @@ -24,17 +23,14 @@ require ( github.com/beorn7/perks v1.0.1 // indirect github.com/cenkalti/backoff/v4 v4.3.0 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/evanphx/json-patch/v5 v5.9.0 // indirect - github.com/fxamacker/cbor/v2 v2.7.0 // indirect github.com/gabriel-vasile/mimetype v1.4.8 // indirect - github.com/go-logr/logr v1.4.2 // indirect github.com/go-playground/locales v0.14.1 // indirect github.com/go-playground/universal-translator v0.18.1 // indirect - github.com/gogo/protobuf v1.3.2 // indirect github.com/golang-jwt/jwt/v4 v4.5.1 // indirect github.com/golang-jwt/jwt/v5 v5.2.1 // indirect github.com/golang/glog v1.2.4 // indirect - github.com/google/gofuzz v1.2.0 // indirect github.com/gorilla/css v1.0.1 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/kylelemons/godebug v1.1.0 // indirect @@ -43,28 +39,21 @@ require ( github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/onsi/ginkgo/v2 v2.21.0 // indirect + github.com/onsi/gomega v1.35.1 // indirect github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/prometheus/client_golang v1.21.0 // indirect github.com/prometheus/client_model v0.6.1 // indirect github.com/prometheus/common v0.62.0 // indirect github.com/prometheus/procfs v0.15.1 // indirect github.com/rogpeppe/go-internal v1.13.1 // indirect github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966 // indirect - github.com/spf13/pflag v1.0.6 // indirect - github.com/x448/float16 v0.8.4 // indirect golang.org/x/crypto v0.33.0 // indirect golang.org/x/net v0.35.0 // indirect golang.org/x/oauth2 v0.24.0 // indirect golang.org/x/sys v0.30.0 // indirect golang.org/x/text v0.22.0 // indirect google.golang.org/protobuf v1.36.3 // indirect - gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/api v0.32.2 // indirect - k8s.io/apimachinery v0.32.2 // indirect - k8s.io/klog/v2 v2.130.1 // indirect - k8s.io/utils v0.0.0-20241210054802-24370beab758 // indirect - sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.5.0 // indirect - sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/internal/go.sum b/internal/go.sum index c32c28bab..0ac018481 100644 --- a/internal/go.sum +++ b/internal/go.sum @@ -32,8 +32,6 @@ github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/r github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc= github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= -github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= -github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= github.com/gabriel-vasile/mimetype v1.4.8 h1:FfZ3gj38NjllZIeJAmMhr+qKL8Wu+nOoI3GqacKw1NM= github.com/gabriel-vasile/mimetype v1.4.8/go.mod h1:ByKUIKGjh1ODkGM1asKUbQZOLGrPjydw3hYPU2YU9t8= github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= @@ -48,20 +46,15 @@ github.com/go-playground/validator/v10 v10.25.0 h1:5Dh7cjvzR7BRZadnsVOzPhWsrwUr0 github.com/go-playground/validator/v10 v10.25.0/go.mod h1:GGzBIJMuE98Ic/kJsBXbz1x/7cByt++cQ+YOuDM5wus= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo= github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang/glog v1.2.4 h1:CNNw5U8lSiiBk7druxtSHHTsRWcxKoac6kZKm2peBBc= github.com/golang/glog v1.2.4/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= -github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo= github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= @@ -92,8 +85,6 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6 h1:IsMZxCuZqKuao2vNdfD82fjjgPLfyHLpR41Z88viRWs= github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6/go.mod h1:3VeWNIJaW+O5xpRQbPp0Ybqu1vJd/pm7s2F473HRrkw= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc= github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= @@ -119,8 +110,6 @@ github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= github.com/openshift-online/ocm-sdk-go v0.1.459 h1:n56ErJL8S2RPfpX6HGp2CmVyJ7k0GC4xnVYdO8Ky8XI= github.com/openshift-online/ocm-sdk-go v0.1.459/go.mod h1:CiAu2jwl3ITKOxkeV0Qnhzv4gs35AmpIzVABQLtcI2Y= -github.com/openshift/api v0.0.0-20240429104249-ac9356ba1784 h1:SmOZFMxuAH4d1Cj7dOftVyo4Wg/mEC4pwz6QIJJsAkc= -github.com/openshift/api v0.0.0-20240429104249-ac9356ba1784/go.mod h1:CxgbWAlvu2iQB0UmKTtRu1YfepRg1/vJ64n2DlIEVz4= github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ= github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= @@ -142,78 +131,31 @@ github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966 h1:JIAuq3EEf9cgbU6AtGPK4CTG3Zf6CKMNqf0MHTggAUA= github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966/go.mod h1:sUM3LWHvSMaG192sy56D9F7CNvL7jUJVXoqM1QKLnog= -github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= -github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= -github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= -github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= -github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= go.opentelemetry.io/otel v1.34.0 h1:zRLXxLCgL1WyKsPVrgbSdMN4c0FMkDAskSTQP+0hdUY= go.opentelemetry.io/otel v1.34.0/go.mod h1:OWFPOQ+h4G8xpyjgqo4SxJYdDQ/qmRH+wivy7zzx9oI= go.uber.org/mock v0.5.0 h1:KAMbZvZPyBPWgD14IrIQ38QCyjwpvVVV6K/bHl1IwQU= go.uber.org/mock v0.5.0/go.mod h1:ge71pBPLYDk7QIi1LupWxdAykm7KIEFchiOqd6z7qMM= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.33.0 h1:IOBPskki6Lysi0lo9qQvbxiQ+FvsCC/YWOecCHAixus= golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M= -golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.35.0 h1:T5GQRQb2y08kTAByq9L4/bz8cipCdA8FbRTXewonqY8= golang.org/x/net v0.35.0/go.mod h1:EglIi67kWsHKlRzzVMUD93VMSWGFOMSZgxFjparz1Qk= golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE= golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc= golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM= golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ= golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/protobuf v1.36.3 h1:82DV7MYdb8anAVi3qge1wSnMDrnKK7ebr+I0hHRN1BU= google.golang.org/protobuf v1.36.3/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= -gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.32.2 h1:bZrMLEkgizC24G9eViHGOPbW+aRo9duEISRIJKfdJuw= -k8s.io/api v0.32.2/go.mod h1:hKlhk4x1sJyYnHENsrdCWw31FEmCijNGPJO5WzHiJ6Y= -k8s.io/apimachinery v0.32.2 h1:yoQBR9ZGkA6Rgmhbp/yuT9/g+4lxtsGYwW6dR6BDPLQ= -k8s.io/apimachinery v0.32.2/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= -k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= -k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/utils v0.0.0-20241210054802-24370beab758 h1:sdbE21q2nlQtFh65saZY+rRM6x6aJJI8IUa1AmH/qa0= -k8s.io/utils v0.0.0-20241210054802-24370beab758/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= -sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= -sigs.k8s.io/structured-merge-diff/v4 v4.5.0 h1:nbCitCK2hfnhyiKo6uf2HxUPTCodY6Qaf85SbDIaMBk= -sigs.k8s.io/structured-merge-diff/v4 v4.5.0/go.mod h1:N8f93tFZh9U6vpxwRArLiikrE5/2tiu1w1AGfACIGE4= -sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= -sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY=