From 146991efda67acbe9528faf233b26586a417b1bd Mon Sep 17 00:00:00 2001 From: Mark Ormesher Date: Mon, 1 Aug 2022 09:10:07 +0100 Subject: [PATCH 01/15] Fix wording of default behavior for namespaces option --- docs/content/providers/kubernetes-crd.md | 2 +- docs/content/providers/kubernetes-gateway.md | 2 +- docs/content/providers/kubernetes-ingress.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/content/providers/kubernetes-crd.md b/docs/content/providers/kubernetes-crd.md index fcbed3102..8b2a9894d 100644 --- a/docs/content/providers/kubernetes-crd.md +++ b/docs/content/providers/kubernetes-crd.md @@ -160,7 +160,7 @@ providers: _Optional, Default: []_ Array of namespaces to watch. -If left empty, watches all namespaces if the value of `namespaces`. +If left empty, Traefik watches all namespaces. ```yaml tab="File (YAML)" providers: diff --git a/docs/content/providers/kubernetes-gateway.md b/docs/content/providers/kubernetes-gateway.md index b6e411517..187586820 100644 --- a/docs/content/providers/kubernetes-gateway.md +++ b/docs/content/providers/kubernetes-gateway.md @@ -193,7 +193,7 @@ providers: _Optional, Default: []_ Array of namespaces to watch. -If left empty, watches all namespaces if the value of `namespaces`. +If left empty, Traefik watches all namespaces. ```yaml tab="File (YAML)" providers: diff --git a/docs/content/providers/kubernetes-ingress.md b/docs/content/providers/kubernetes-ingress.md index 955003517..51a771c4b 100644 --- a/docs/content/providers/kubernetes-ingress.md +++ b/docs/content/providers/kubernetes-ingress.md @@ -201,7 +201,7 @@ providers: _Optional, Default: []_ Array of namespaces to watch. -If left empty, watches all namespaces if the value of `namespaces`. +If left empty, Traefik watches all namespaces. ```yaml tab="File (YAML)" providers: From b4ee7bdcbef4592d2396e06cad0ac17d8678680d Mon Sep 17 00:00:00 2001 From: Ludovic Fernandez Date: Mon, 1 Aug 2022 15:12:08 +0200 Subject: [PATCH 02/15] Bump paerser to v0.1.6 --- go.mod | 6 ++-- go.sum | 11 +++---- pkg/plugins/middlewares.go | 2 +- pkg/plugins/plugins.go | 24 --------------- pkg/plugins/plugins_test.go | 60 ------------------------------------- pkg/plugins/providers.go | 2 +- 6 files changed, 11 insertions(+), 94 deletions(-) delete mode 100644 pkg/plugins/plugins_test.go diff --git a/go.mod b/go.mod index 5f2930f8c..3d673bf53 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/traefik/traefik/v2 go 1.17 require ( - github.com/BurntSushi/toml v1.0.0 + github.com/BurntSushi/toml v1.1.0 github.com/ExpediaDotCom/haystack-client-go v0.0.0-20190315171017-e7edbdf53a61 github.com/Masterminds/sprig/v3 v3.2.2 github.com/abbot/go-http-auth v0.0.0-00010101000000-000000000000 @@ -53,9 +53,9 @@ require ( github.com/prometheus/client_model v0.2.0 github.com/rancher/go-rancher-metadata v0.0.0-20200311180630-7f4c936a06ac github.com/sirupsen/logrus v1.8.1 - github.com/stretchr/testify v1.7.5 + github.com/stretchr/testify v1.8.0 github.com/stvp/go-udp-testing v0.0.0-20191102171040-06b61409b154 - github.com/traefik/paerser v0.1.5 + github.com/traefik/paerser v0.1.6 github.com/traefik/yaegi v0.13.0 github.com/uber/jaeger-client-go v2.30.0+incompatible github.com/uber/jaeger-lib v2.2.0+incompatible diff --git a/go.sum b/go.sum index 2eecd9497..dc90e2ccb 100644 --- a/go.sum +++ b/go.sum @@ -114,8 +114,8 @@ github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbt github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/BurntSushi/toml v1.0.0 h1:dtDWrepsVPfW9H/4y7dDgFc2MBUSeJhlaDtK13CxFlU= -github.com/BurntSushi/toml v1.0.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= +github.com/BurntSushi/toml v1.1.0 h1:ksErzDEI1khOiGPgpwuI7x2ebx/uXQNw7xJpn9Eq1+I= +github.com/BurntSushi/toml v1.1.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/DataDog/datadog-agent/pkg/obfuscate v0.0.0-20211129110424-6491aa3bf583 h1:3nVO1nQyh64IUY6BPZUpMYMZ738Pu+LsMt3E0eqqIYw= github.com/DataDog/datadog-agent/pkg/obfuscate v0.0.0-20211129110424-6491aa3bf583/go.mod h1:EP9f4GqaDJyP1F5jTNMtzdIpw3JpNs3rMSJOnYywCiw= @@ -1864,8 +1864,9 @@ github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.5 h1:s5PTfem8p8EbKQOctVV53k6jCJt3UX4IEJzwh+C324Q= github.com/stretchr/testify v1.7.5/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stvp/go-udp-testing v0.0.0-20191102171040-06b61409b154 h1:XGopsea1Dw7ecQ8JscCNQXDGYAKDiWjDeXnpN/+BY9g= github.com/stvp/go-udp-testing v0.0.0-20191102171040-06b61409b154/go.mod h1:7jxmlfBCDBXRzr0eAQJ48XC1hBu1np4CS5+cHEYfwpc= github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s= @@ -1909,8 +1910,8 @@ github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea h1:SXhTLE6pb6eld/ github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea/go.mod h1:WPnis/6cRcDZSUvVmezrxJPkiO87ThFYsoUiMwWNDJk= github.com/tonistiigi/vt100 v0.0.0-20190402012908-ad4c4a574305 h1:y/1cL5AL2oRcfzz8CAHHhR6kDDfIOT0WEyH5k40sccM= github.com/tonistiigi/vt100 v0.0.0-20190402012908-ad4c4a574305/go.mod h1:gXOLibKqQTRAVuVZ9gX7G9Ykky8ll8yb4slxsEMoY0c= -github.com/traefik/paerser v0.1.5 h1:crit7KzQ9PUWGCYu+H2acwyr7ZKb3RQDSn6iJCtxBhE= -github.com/traefik/paerser v0.1.5/go.mod h1:Fuwl9DWJfGpZPPwZY6djYIF0vhvzhLmCizn6P66UeLY= +github.com/traefik/paerser v0.1.6 h1:UqqAW0M3r+aF7DibUVwO1PiZ8cXLsUkpFv5hhxPCscA= +github.com/traefik/paerser v0.1.6/go.mod h1:Dk3Bfz6Zyj13/S8pJyRdx/FNvXlsVRVbtp0UK4ZSiA0= github.com/traefik/yaegi v0.13.0 h1:dNwyGNSLHuRw5xswpbuW1TlzzGDciiK6uAighR1tMsc= github.com/traefik/yaegi v0.13.0/go.mod h1:RuCwD8/wsX7b6KoQHOaIFUfuH3gQIK4KWnFFmJMw5VA= github.com/transip/gotransip/v6 v6.6.1 h1:nsCU1ErZS5G0FeOpgGXc4FsWvBff9GPswSMggsC4564= diff --git a/pkg/plugins/middlewares.go b/pkg/plugins/middlewares.go index 8e476cce3..09edbc954 100644 --- a/pkg/plugins/middlewares.go +++ b/pkg/plugins/middlewares.go @@ -86,7 +86,7 @@ func (p middlewareBuilder) createConfig(config map[string]interface{}) (reflect. vConfig := results[0] cfg := &mapstructure.DecoderConfig{ - DecodeHook: stringToSliceHookFunc, + DecodeHook: mapstructure.StringToSliceHookFunc(","), WeaklyTypedInput: true, Result: vConfig.Interface(), } diff --git a/pkg/plugins/plugins.go b/pkg/plugins/plugins.go index 63b513ae8..fdfb9fbce 100644 --- a/pkg/plugins/plugins.go +++ b/pkg/plugins/plugins.go @@ -4,7 +4,6 @@ import ( "context" "errors" "fmt" - "reflect" "strings" "github.com/hashicorp/go-multierror" @@ -167,26 +166,3 @@ func checkLocalPluginManifest(descriptor LocalDescriptor) error { return errs.ErrorOrNil() } - -func stringToSliceHookFunc(f reflect.Kind, t reflect.Kind, data interface{}) (interface{}, error) { - if f != reflect.String || t != reflect.Slice { - return data, nil - } - - raw := data.(string) - if raw == "" { - return []string{}, nil - } - - if strings.Contains(raw, "║") { - values := strings.Split(raw, "║") - // Removes the first value if the slice has a length of 2 and a first value empty. - // It's a workaround to escape the parsing on `,`. - if len(values) == 2 && values[0] == "" { - return values[1:], nil - } - return values, nil - } - - return strings.Split(raw, ","), nil -} diff --git a/pkg/plugins/plugins_test.go b/pkg/plugins/plugins_test.go deleted file mode 100644 index 57d3d3235..000000000 --- a/pkg/plugins/plugins_test.go +++ /dev/null @@ -1,60 +0,0 @@ -package plugins - -import ( - "reflect" - "testing" - - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" -) - -func Test_stringToSliceHookFunc(t *testing.T) { - testCases := []struct { - desc string - data string - expected []string - }{ - { - desc: "without separator", - data: "abc", - expected: []string{"abc"}, - }, - { - desc: "with the file separator", - data: "a║b║c", - expected: []string{"a", "b", "c"}, - }, - { - desc: "with the label separator", - data: "a,b,c", - expected: []string{"a", "b", "c"}, - }, - { - desc: "with the file separator and values with commas", - data: "a,z║b,w║c,x,y", - expected: []string{"a,z", "b,w", "c,x,y"}, - }, - { - desc: "escaping workaround", - data: "║a,z", - expected: []string{"a,z"}, - }, - { - desc: "with the file separator and empty item", - data: "║a║z", - expected: []string{"", "a", "z"}, - }, - } - - for _, test := range testCases { - test := test - t.Run(test.desc, func(t *testing.T) { - t.Parallel() - - values, err := stringToSliceHookFunc(reflect.String, reflect.Slice, test.data) - require.NoError(t, err) - - assert.EqualValues(t, test.expected, values) - }) - } -} diff --git a/pkg/plugins/providers.go b/pkg/plugins/providers.go index ac9aa296f..abec8d1b8 100644 --- a/pkg/plugins/providers.go +++ b/pkg/plugins/providers.go @@ -93,7 +93,7 @@ func newProvider(builder providerBuilder, config map[string]interface{}, provide } cfg := &mapstructure.DecoderConfig{ - DecodeHook: stringToSliceHookFunc, + DecodeHook: mapstructure.StringToSliceHookFunc(","), WeaklyTypedInput: true, Result: vConfig.Interface(), } From 1576ad85b83b07752cd7dc1e0be9842eaf24fd46 Mon Sep 17 00:00:00 2001 From: longshine Date: Thu, 4 Aug 2022 16:22:08 +0800 Subject: [PATCH 03/15] Place namespace before name in router key for Ingress --- .../rawdata-ingress-label-selector.json | 4 +-- integration/testdata/rawdata-ingress.json | 36 +++++++++---------- .../testdata/rawdata-ingressclass.json | 4 +-- pkg/provider/kubernetes/ingress/kubernetes.go | 2 +- .../kubernetes/ingress/kubernetes_test.go | 4 +-- 5 files changed, 25 insertions(+), 25 deletions(-) diff --git a/integration/testdata/rawdata-ingress-label-selector.json b/integration/testdata/rawdata-ingress-label-selector.json index 66d3b095e..497835714 100644 --- a/integration/testdata/rawdata-ingress-label-selector.json +++ b/integration/testdata/rawdata-ingress-label-selector.json @@ -28,7 +28,7 @@ "traefik" ] }, - "test-ingress-default-whoami-test-whoami@kubernetes": { + "default-test-ingress-whoami-test-whoami@kubernetes": { "entryPoints": [ "web" ], @@ -92,7 +92,7 @@ }, "status": "enabled", "usedBy": [ - "test-ingress-default-whoami-test-whoami@kubernetes" + "default-test-ingress-whoami-test-whoami@kubernetes" ], "serverStatus": { "http://10.42.0.2:80": "UP", diff --git a/integration/testdata/rawdata-ingress.json b/integration/testdata/rawdata-ingress.json index 920154fcc..2943e4cbd 100644 --- a/integration/testdata/rawdata-ingress.json +++ b/integration/testdata/rawdata-ingress.json @@ -28,18 +28,7 @@ "traefik" ] }, - "test-ingress-default-whoami-test-whoami@kubernetes": { - "entryPoints": [ - "web" - ], - "service": "default-whoami-http", - "rule": "Host(`whoami.test`) \u0026\u0026 PathPrefix(`/whoami`)", - "status": "enabled", - "using": [ - "web" - ] - }, - "test-ingress-https-default-whoami-test-https-whoami@kubernetes": { + "default-test-ingress-https-whoami-test-https-whoami@kubernetes": { "entryPoints": [ "web" ], @@ -50,7 +39,18 @@ "web" ] }, - "whoami-drop-route-default-whoami-test-drop-drop@kubernetes": { + "default-test-ingress-whoami-test-whoami@kubernetes": { + "entryPoints": [ + "web" + ], + "service": "default-whoami-http", + "rule": "Host(`whoami.test`) \u0026\u0026 PathPrefix(`/whoami`)", + "status": "enabled", + "using": [ + "web" + ] + }, + "default-whoami-drop-route-whoami-test-drop-drop@kubernetes": { "entryPoints": [ "web" ], @@ -61,7 +61,7 @@ "web" ] }, - "whoami-keep-route-default-whoami-test-keep-keep@kubernetes": { + "default-whoami-keep-route-whoami-test-keep-keep@kubernetes": { "entryPoints": [ "web" ], @@ -125,8 +125,8 @@ }, "status": "enabled", "usedBy": [ - "whoami-drop-route-default-whoami-test-drop-drop@kubernetes", - "whoami-keep-route-default-whoami-test-keep-keep@kubernetes" + "default-whoami-drop-route-whoami-test-drop-drop@kubernetes", + "default-whoami-keep-route-whoami-test-keep-keep@kubernetes" ], "serverStatus": { "http://XXXX": "UP", @@ -147,8 +147,8 @@ }, "status": "enabled", "usedBy": [ - "test-ingress-default-whoami-test-whoami@kubernetes", - "test-ingress-https-default-whoami-test-https-whoami@kubernetes" + "default-test-ingress-https-whoami-test-https-whoami@kubernetes", + "default-test-ingress-whoami-test-whoami@kubernetes" ], "serverStatus": { "http://10.42.0.10:80": "UP", diff --git a/integration/testdata/rawdata-ingressclass.json b/integration/testdata/rawdata-ingressclass.json index 53db99cef..0944a7cff 100644 --- a/integration/testdata/rawdata-ingressclass.json +++ b/integration/testdata/rawdata-ingressclass.json @@ -28,7 +28,7 @@ "traefik" ] }, - "whoami-keep-route-default-whoami-test-keep-keep@kubernetes": { + "default-whoami-keep-route-whoami-test-keep-keep@kubernetes": { "entryPoints": [ "web" ], @@ -92,7 +92,7 @@ }, "status": "enabled", "usedBy": [ - "whoami-keep-route-default-whoami-test-keep-keep@kubernetes" + "default-whoami-keep-route-whoami-test-keep-keep@kubernetes" ], "serverStatus": { "http://10.42.0.4:80": "UP", diff --git a/pkg/provider/kubernetes/ingress/kubernetes.go b/pkg/provider/kubernetes/ingress/kubernetes.go index 3f7011730..5605f97b9 100644 --- a/pkg/provider/kubernetes/ingress/kubernetes.go +++ b/pkg/provider/kubernetes/ingress/kubernetes.go @@ -304,7 +304,7 @@ func (p *Provider) loadConfigurationFromIngresses(ctx context.Context, client Cl serviceName := provider.Normalize(ingress.Namespace + "-" + pa.Backend.Service.Name + "-" + portString) conf.HTTP.Services[serviceName] = service - routerKey := strings.TrimPrefix(provider.Normalize(ingress.Name+"-"+ingress.Namespace+"-"+rule.Host+pa.Path), "-") + routerKey := strings.TrimPrefix(provider.Normalize(ingress.Namespace+"-"+ingress.Name+"-"+rule.Host+pa.Path), "-") routers[routerKey] = append(routers[routerKey], loadRouter(rule, pa, rtConfig, serviceName)) } } diff --git a/pkg/provider/kubernetes/ingress/kubernetes_test.go b/pkg/provider/kubernetes/ingress/kubernetes_test.go index 58d8226a9..c096578fc 100644 --- a/pkg/provider/kubernetes/ingress/kubernetes_test.go +++ b/pkg/provider/kubernetes/ingress/kubernetes_test.go @@ -1696,7 +1696,7 @@ func TestLoadConfigurationFromIngressesWithExternalNameServices(t *testing.T) { HTTP: &dynamic.HTTPConfiguration{ Middlewares: map[string]*dynamic.Middleware{}, Routers: map[string]*dynamic.Router{ - "example-com-testing-bar": { + "testing-example-com-bar": { Rule: "PathPrefix(`/bar`)", Service: "testing-service-bar-8080", }, @@ -1724,7 +1724,7 @@ func TestLoadConfigurationFromIngressesWithExternalNameServices(t *testing.T) { HTTP: &dynamic.HTTPConfiguration{ Middlewares: map[string]*dynamic.Middleware{}, Routers: map[string]*dynamic.Router{ - "example-com-testing-foo": { + "testing-example-com-foo": { Rule: "PathPrefix(`/foo`)", Service: "testing-service-foo-8080", }, From 40d2421db9305a7b4154894e218ff37f18f291c0 Mon Sep 17 00:00:00 2001 From: Maxence Moutoussamy Date: Tue, 9 Aug 2022 16:06:09 +0200 Subject: [PATCH 04/15] Add getting started guide for Kubernetes --- .../quick-start-with-kubernetes.md | 317 ++++++++++++++++++ docs/mkdocs.yml | 4 +- 2 files changed, 320 insertions(+), 1 deletion(-) create mode 100644 docs/content/getting-started/quick-start-with-kubernetes.md diff --git a/docs/content/getting-started/quick-start-with-kubernetes.md b/docs/content/getting-started/quick-start-with-kubernetes.md new file mode 100644 index 000000000..80e39ef09 --- /dev/null +++ b/docs/content/getting-started/quick-start-with-kubernetes.md @@ -0,0 +1,317 @@ +--- +title: "Traefik Getting Started With Kubernetes" +description: "Looking to get started with Traefik Proxy? Read the technical documentation to learn a simple use case that leverages Kubernetes." +--- + +# Quick Start + +A Simple Use Case of Traefik Proxy and Kubernetes +{: .subtitle } + +This guide is an introduction to using Traefik Proxy in a Kubernetes environment. +The objective is to learn how to run an application behind a Traefik reverse proxy in Kubernetes. +It presents and explains the basic blocks required to start with Traefik such as Ingress Controller, Ingresses, Deployments, static, and dynamic configuration. + +## Permissions and Accesses + +Traefik uses the Kubernetes API to discover running services. + +In order to use the Kubernetes API, Traefik needs some permissions. +This [permission mechanism](https://kubernetes.io/docs/reference/access-authn-authz/rbac/) is based on roles defined by the cluster administrator. +The role is then bound to an account used by an application, in this case, Traefik Proxy. + +The first step is to create the role. +The [`ClusterRole`](https://kubernetes.io/docs/reference/kubernetes-api/authorization-resources/cluster-role-v1/#ClusterRole) resource enumerates the resources and actions available for the role. +In a file called `00-role.yml`, put the following `ClusterRole`: + +```yaml tab="00-role.yml" +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: traefik-role + +rules: + - apiGroups: + - "" + resources: + - services + - endpoints + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - extensions + - networking.k8s.io + resources: + - ingresses + - ingressclasses + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - ingresses/status + verbs: + - update +``` + +!!! info "You can find the reference for this file [there](../../reference/dynamic-configuration/kubernetes-crd/#rbac)." + +The next step is to create a dedicated service account for Traefik. +In a file called `00-account.yml`, put the following [`ServiceAccount`](https://kubernetes.io/docs/reference/kubernetes-api/authentication-resources/service-account-v1/#ServiceAccount) resource: + +```yaml tab="00-account.yml" +apiVersion: v1 +kind: ServiceAccount +metadata: + name: traefik-account +``` + +And then, bind the role on the account to apply the permissions and rules on the latter. In a file called `01-role-binding.yml`, put the +following [`ClusterRoleBinding`](https://kubernetes.io/docs/reference/kubernetes-api/authorization-resources/cluster-role-binding-v1/#ClusterRoleBinding) resource: + +```yaml tab="01-role-binding.yml" +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: traefik-role-binding + +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: traefik-role +subjects: + - kind: ServiceAccount + name: traefik-account + namespace: default # Using "default" because we did not specify a namespace when creating the ClusterAccount. +``` + +!!! info "`roleRef` is the Kubernetes reference to the role created in `00-role.yml`." + +!!! info "`subjects` is the list of accounts reference." + + In this guide, it only contains the account created in `00-account.yml` + +## Deployment and Exposition + +!!! info "This section can be managed with the help of the [Traefik Helm chart](../install-traefik/#use-the-helm-chart)." + +The [ingress controller](https://traefik.io/glossary/kubernetes-ingress-and-ingress-controller-101/#what-is-a-kubernetes-ingress-controller) +is a software that runs in the same way as any other application on a cluster. +To start Traefik on the Kubernetes cluster, +a [`Deployment`](https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/deployment-v1/) resource must exist to describe how to configure +and scale containers horizontally to support larger workloads. + +Start by creating a file called `02-traefik.yml` and paste the following `Deployment` resource: + +```yaml tab="02-traefik.yml" +kind: Deployment +apiVersion: apps/v1 +metadata: + name: traefik-deployment + labels: + app: traefik + +spec: + replicas: 1 + selector: + matchLabels: + app: traefik + template: + metadata: + labels: + app: traefik + spec: + serviceAccountName: traefik-account + containers: + - name: traefik + image: traefik:v2.8 + args: + - --api.insecure + - --providers.kubernetesingress + ports: + - name: web + containerPort: 80 + - name: dashboard + containerPort: 8080 +``` + +The deployment contains an important attribute for customizing Traefik: `args`. +These arguments are the static configuration for Traefik. +From here, it is possible to enable the dashboard, +configure entry points, +select dynamic configuration providers, +and [more](../reference/static-configuration/cli.md)... + +In this deployment, +the static configuration enables the Traefik dashboard, +and uses Kubernetes native Ingress resources as router definitions to route incoming requests. + +!!! info "When there is no entry point in the static configuration" + + Traefik creates a default one called `web` using the port `80` routing HTTP requests. + +!!! info "When enabling the [`api.insecure`](../../operations/api/#insecure) mode, Traefik exposes the dashboard on the port `8080`." + +A deployment manages scaling and then can create lots of containers, called [Pods](https://kubernetes.io/docs/concepts/workloads/pods/). +Each Pod is configured following the `spec` field in the deployment. +Given that, a Deployment can run multiple Traefik Proxy Pods, +a piece is required to forward the traffic to any of the instance: +namely a [`Service`](https://kubernetes.io/docs/reference/kubernetes-api/service-resources/service-v1/#Service). +Create a file called `02-traefik-services.yml` and insert the two `Service` resources: + +```yaml tab="02-traefik-services.yml" +apiVersion: v1 +kind: Service +metadata: + name: traefik-dashboard-service + +spec: + type: LoadBalancer + ports: + - port: 8080 + targetPort: dashboard + selector: + app: traefik +--- +apiVersion: v1 +kind: Service +metadata: + name: traefik-web-service + +spec: + type: LoadBalancer + ports: + - targetPort: web + port: 80 + selector: + app: traefik +``` + +!!! warning "It is possible to expose a service in different ways." + + Depending on your working environment and use case, the `spec.type` might change. + It is strongly recommended to understand the available [service types](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) before proceeding to the next step. + +It is now time to apply those files on your cluster to start Traefik. + +```shell +kubectl apply -f 00-role.yml \ + -f 00-account.yml \ + -f 01-role-binding.yml \ + -f 02-traefik.yml \ + -f 02-traefik-services.yml +``` + +## Proxying applications + +The only part still missing is the business application behind the reverse proxy. +For this guide, we use the example application [traefik/whoami](https://github.com/traefik/whoami), +but the principles are applicable to any other application. + +The `whoami` application is a simple HTTP server running on port 80 which answers host-related information to the incoming requests. +As usual, start by creating a file called `03-whoami.yml` and paste the following `Deployment` resource: + +```yaml tab="03-whoami.yml" +kind: Deployment +apiVersion: apps/v1 +metadata: + name: whoami + labels: + app: whoami + +spec: + replicas: 1 + selector: + matchLabels: + app: whoami + template: + metadata: + labels: + app: whoami + spec: + containers: + - name: whoami + image: traefik/whoami + ports: + - name: web + containerPort: 80 +``` + +And continue by creating the following `Service` resource in a file called `03-whoami-services.yml`: + +```yaml tab="03-whoami-services.yml" +apiVersion: v1 +kind: Service +metadata: + name: whoami + +spec: + ports: + - name: web + port: 80 + targetPort: web + + selector: + app: whoami +``` + +Thanks to the Kubernetes API, +Traefik is notified when an Ingress resource is created, updated, or deleted. +This makes the process dynamic. +The ingresses are, in a way, the [dynamic configuration](../../providers/kubernetes-ingress/) for Traefik. + +!!! tip + + Find more information on [ingress controller](https://kubernetes.io/docs/concepts/services-networking/ingress-controllers/), + and [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) in the official Kubernetes documentation. + +Create a file called `04-whoami-ingress.yml` and insert the `Ingress` resource: + +```yaml tab="04-whoami-ingress.yml" +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: whoami-ingress +spec: + rules: + - http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: whoami + port: + name: web +``` + +This `Ingress` configures Traefik to redirect any incoming requests starting with `/` to the `whoami:80` service. + +At this point, all the configurations are ready. +It is time to apply those new files: + +```shell +kubectl apply -f 03-whoami.yml \ + -f 03-whoami-services.yml \ + -f 04-whoami-ingress.yml +``` + +Now you should be able to access the `whoami` application and the Traefik dashboard. +Load the dashboard on a web browser: [`http://localhost:8080`](http://localhost:8080). + +And now access the `whoami` application: + +```shell +curl -v http://localhost/ +``` + +!!! question "Going further" + + - [Filter the ingresses](../providers/kubernetes-ingress.md#ingressclass) to use with [IngressClass](https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-class) + - Use [IngressRoute CRD](../providers/kubernetes-crd.md) + - Protect [ingresses with TLS](../routing/providers/kubernetes-ingress.md#enabling-tls-via-annotations) diff --git a/docs/mkdocs.yml b/docs/mkdocs.yml index 36240c18b..03a3f7f5e 100644 --- a/docs/mkdocs.yml +++ b/docs/mkdocs.yml @@ -66,7 +66,9 @@ nav: - 'Welcome': 'index.md' - 'Getting Started': - 'Concepts' : 'getting-started/concepts.md' - - 'Quick Start': 'getting-started/quick-start.md' + - 'Quick Start': + - 'Docker': 'getting-started/quick-start.md' + - 'Kubernetes': 'getting-started/quick-start-with-kubernetes.md' - 'Configuration Introduction': 'getting-started/configuration-overview.md' - 'Install Traefik': 'getting-started/install-traefik.md' - 'Frequently Asked Questions': 'getting-started/faq.md' From 45453b20fafc75249acc097589328dd9a8fac1cf Mon Sep 17 00:00:00 2001 From: Ludovic Fernandez Date: Tue, 9 Aug 2022 17:36:08 +0200 Subject: [PATCH 05/15] chore: update to go1.19 --- .github/workflows/build.yaml | 2 +- .github/workflows/test-unit.yaml | 2 +- .github/workflows/validate.yaml | 4 +- .golangci.toml | 17 ++-- .semaphore/semaphore.yml | 4 +- build.Dockerfile | 4 +- docs/content/https/tls.md | 33 -------- docs/content/migration/v2.md | 7 ++ .../kubernetes-crd-definition-v1.yml | 7 +- .../traefik.containo.us_tlsoptions.yaml | 7 +- exp.Dockerfile | 2 +- go.mod | 15 ++-- go.sum | 43 +++------- integration/fixtures/https/clientca/README.md | 79 +++++++++++++++++++ integration/fixtures/https/clientca/ca1.crt | 35 ++++---- integration/fixtures/https/clientca/ca1.key | 50 ++++++------ integration/fixtures/https/clientca/ca1.srl | 2 +- .../fixtures/https/clientca/ca1and2.crt | 70 ++++++++-------- integration/fixtures/https/clientca/ca2.crt | 35 ++++---- integration/fixtures/https/clientca/ca2.key | 50 ++++++------ integration/fixtures/https/clientca/ca2.srl | 2 +- integration/fixtures/https/clientca/ca3.crt | 35 ++++---- integration/fixtures/https/clientca/ca3.key | 50 ++++++------ integration/fixtures/https/clientca/ca3.srl | 2 +- .../fixtures/https/clientca/client1.crt | 30 +++---- .../fixtures/https/clientca/client1.csr | 26 +++--- .../fixtures/https/clientca/client1.key | 50 ++++++------ .../fixtures/https/clientca/client2.crt | 30 +++---- .../fixtures/https/clientca/client2.csr | 26 +++--- .../fixtures/https/clientca/client2.key | 50 ++++++------ .../fixtures/https/clientca/client3.crt | 30 +++---- .../fixtures/https/clientca/client3.csr | 26 +++--- .../fixtures/https/clientca/client3.key | 50 ++++++------ integration/fixtures/k8s/01-traefik-crd.yml | 7 +- .../fixtures/tcp/multi-tls-options.toml | 4 +- integration/https_test.go | 6 +- integration/integration_test.go | 3 +- integration/keepalive_test.go | 2 +- integration/tcp_test.go | 12 +-- pkg/middlewares/compress/compress_test.go | 2 +- pkg/middlewares/retry/retry_test.go | 2 +- .../crd/fixtures/tcp/with_tls_options.yml | 1 - .../crd/fixtures/with_default_tls_options.yml | 1 - ..._default_tls_options_default_namespace.yml | 1 - .../crd/fixtures/with_tls_options.yml | 1 - pkg/provider/kubernetes/crd/kubernetes.go | 5 +- .../kubernetes/crd/kubernetes_test.go | 9 +-- .../crd/traefik/v1alpha1/tlsoption.go | 3 +- pkg/redactor/redactor_config_test.go | 3 +- .../testdata/anonymized-dynamic-config.json | 3 +- .../testdata/secured-dynamic-config.json | 5 +- pkg/rules/parser.go | 4 +- pkg/server/router/router_test.go | 4 +- pkg/server/router/tcp/router_test.go | 10 ++- pkg/server/server_entrypoint_tcp.go | 10 ++- pkg/server/server_entrypoint_tcp_http3.go | 25 +++--- pkg/server/service/proxy_test.go | 2 +- pkg/server/service/proxy_websocket_test.go | 4 +- pkg/tls/tls.go | 2 +- pkg/tls/tlsmanager.go | 5 -- script/codegen.Dockerfile | 1 + 61 files changed, 519 insertions(+), 493 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 6b9ddb2dc..fd6f61dc0 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -6,7 +6,7 @@ on: - '*' env: - GO_VERSION: 1.17 + GO_VERSION: 1.19 CGO_ENABLED: 0 IN_DOCKER: "" diff --git a/.github/workflows/test-unit.yaml b/.github/workflows/test-unit.yaml index b1bd61acd..cbc2eb57d 100644 --- a/.github/workflows/test-unit.yaml +++ b/.github/workflows/test-unit.yaml @@ -6,7 +6,7 @@ on: - '*' env: - GO_VERSION: 1.17 + GO_VERSION: 1.19 IN_DOCKER: "" jobs: diff --git a/.github/workflows/validate.yaml b/.github/workflows/validate.yaml index 8d2195448..5f2556973 100644 --- a/.github/workflows/validate.yaml +++ b/.github/workflows/validate.yaml @@ -6,8 +6,8 @@ on: - '*' env: - GO_VERSION: 1.17 - GOLANGCI_LINT_VERSION: v1.47.1 + GO_VERSION: 1.19 + GOLANGCI_LINT_VERSION: v1.48.0 MISSSPELL_VERSION: v0.3.4 IN_DOCKER: "" diff --git a/.golangci.toml b/.golangci.toml index 99dfcab4c..9868d169d 100644 --- a/.golangci.toml +++ b/.golangci.toml @@ -119,6 +119,7 @@ "interfacer", # Deprecated "maligned", # Deprecated "golint", # Deprecated + "nosnakecase", # Deprecated "execinquery", # Not relevant (SQL) "sqlclosecheck", # Not relevant (SQL) "rowserrcheck", # Not relevant (SQL) @@ -159,6 +160,7 @@ "containedctx", # too many false-positive "maintidx", # kind of duplicate of gocyclo "nonamedreturns", # not relevant + "structcheck", # duplicate of unused ] [issues] @@ -223,14 +225,9 @@ path = "pkg/server/router/tcp/manager.go" text = "Function 'buildEntryPointHandler' is too long (.+)" [[issues.exclude-rules]] - path = "integration/fake_dns_server.go" - linters = ["nosnakecase"] + path = "pkg/tls/tlsmanager_test.go" + text = "SA1019: config.ClientCAs.Subjects has been deprecated since Go 1.18" [[issues.exclude-rules]] - path = "pkg/plugins/providers.go" - linters = ["nosnakecase"] - [[issues.exclude-rules]] - path = "pkg/tls/cipher.go" - linters = ["nosnakecase"] - [[issues.exclude-rules]] - text = "O_WRONLY|O_RDWR|O_CREATE|O_TRUNC|O_APPEND" - linters = ["nosnakecase"] + path = "pkg/types/tls_test.go" + text = "SA1019: tlsConfig.RootCAs.Subjects has been deprecated since Go 1.18" + diff --git a/.semaphore/semaphore.yml b/.semaphore/semaphore.yml index 6369fbec1..766773490 100644 --- a/.semaphore/semaphore.yml +++ b/.semaphore/semaphore.yml @@ -19,13 +19,13 @@ global_job_config: prologue: commands: - curl -sSfL https://raw.githubusercontent.com/ldez/semgo/master/godownloader.sh | sudo sh -s -- -b "/usr/local/bin" - - sudo semgo go1.17 + - sudo semgo go1.19 - export "GOPATH=$(go env GOPATH)" - export "SEMAPHORE_GIT_DIR=${GOPATH}/src/github.com/traefik/${SEMAPHORE_PROJECT_NAME}" - export "PATH=${GOPATH}/bin:${PATH}" - mkdir -vp "${SEMAPHORE_GIT_DIR}" "${GOPATH}/bin" - export GOPROXY=https://proxy.golang.org,direct - - curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b "${GOPATH}/bin" v1.46.2 + - curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b "${GOPATH}/bin" v1.48.0 - curl -sSfL https://gist.githubusercontent.com/traefiker/6d7ac019c11d011e4f131bb2cca8900e/raw/goreleaser.sh | bash -s -- -b "${GOPATH}/bin" - checkout - cache restore traefik-$(checksum go.sum) diff --git a/build.Dockerfile b/build.Dockerfile index 24d5e829d..0c28e6c49 100644 --- a/build.Dockerfile +++ b/build.Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.17-alpine +FROM golang:1.19-alpine RUN apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar ca-certificates tzdata \ && update-ca-certificates \ @@ -13,7 +13,7 @@ RUN mkdir -p /usr/local/bin \ | tar -xzC /usr/local/bin --transform 's#^.+/##x' # Download golangci-lint binary to bin folder in $GOPATH -RUN curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | bash -s -- -b $GOPATH/bin v1.47.1 +RUN curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | bash -s -- -b $GOPATH/bin v1.48.0 # Download misspell binary to bin folder in $GOPATH RUN curl -sfL https://raw.githubusercontent.com/client9/misspell/master/install-misspell.sh | bash -s -- -b $GOPATH/bin v0.3.4 diff --git a/docs/content/https/tls.md b/docs/content/https/tls.md index 448f0ca5b..eb498d005 100644 --- a/docs/content/https/tls.md +++ b/docs/content/https/tls.md @@ -396,39 +396,6 @@ spec: sniStrict: true ``` -### Prefer Server Cipher Suites - -This option allows the server to choose its most preferred cipher suite instead of the client's. -Please note that this is enabled automatically when `minVersion` or `maxVersion` are set. - -```yaml tab="File (YAML)" -# Dynamic configuration - -tls: - options: - default: - preferServerCipherSuites: true -``` - -```toml tab="File (TOML)" -# Dynamic configuration - -[tls.options] - [tls.options.default] - preferServerCipherSuites = true -``` - -```yaml tab="Kubernetes" -apiVersion: traefik.containo.us/v1alpha1 -kind: TLSOption -metadata: - name: default - namespace: default - -spec: - preferServerCipherSuites: true -``` - ### ALPN Protocols _Optional, Default="h2, http/1.1, acme-tls/1"_ diff --git a/docs/content/migration/v2.md b/docs/content/migration/v2.md index 2461c4ac6..03c7eec49 100644 --- a/docs/content/migration/v2.md +++ b/docs/content/migration/v2.md @@ -473,3 +473,10 @@ In `v2.8`, the `namespace` option of Consul and Consul Catalog providers is depr In `v2.8`, the `pilot.token` and `pilot.dashboard` options are deprecated. Please check our Blog for migration instructions later this year. + +## v2.8.2 + +Since `v2.5.0`, the `PreferServerCipherSuites` is [deprecated and ignored](https://tip.golang.org/doc/go1.17#crypto/tls) by Go, +in `v2.8.2` the `preferServerCipherSuites` option is also deprecated and ignored in Traefik. + +In `v2.8.2`, Traefik now reject certificates signed with the SHA-1 hash function. ([details](https://tip.golang.org/doc/go1.18#sha1)) diff --git a/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml b/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml index 345e90736..2bcfe5b28 100644 --- a/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml +++ b/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml @@ -1783,9 +1783,10 @@ spec: VersionTLS13. Default: VersionTLS10.' type: string preferServerCipherSuites: - description: PreferServerCipherSuites defines whether the server chooses - a cipher suite among his own instead of among the client's. It is - enabled automatically when minVersion or maxVersion are set. + description: 'PreferServerCipherSuites defines whether the server + chooses a cipher suite among his own instead of among the client''s. + It is enabled automatically when minVersion or maxVersion is set. + Deprecated: https://github.com/golang/go/issues/45430' type: boolean sniStrict: description: SniStrict defines whether Traefik allows connections diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsoptions.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsoptions.yaml index 55cfefdf3..cb90d3fc9 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsoptions.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsoptions.yaml @@ -89,9 +89,10 @@ spec: VersionTLS13. Default: VersionTLS10.' type: string preferServerCipherSuites: - description: PreferServerCipherSuites defines whether the server chooses - a cipher suite among his own instead of among the client's. It is - enabled automatically when minVersion or maxVersion are set. + description: 'PreferServerCipherSuites defines whether the server + chooses a cipher suite among his own instead of among the client''s. + It is enabled automatically when minVersion or maxVersion is set. + Deprecated: https://github.com/golang/go/issues/45430' type: boolean sniStrict: description: SniStrict defines whether Traefik allows connections diff --git a/exp.Dockerfile b/exp.Dockerfile index 9e8a90271..bb2fc4997 100644 --- a/exp.Dockerfile +++ b/exp.Dockerfile @@ -12,7 +12,7 @@ RUN yarn install RUN yarn build # BUILD -FROM golang:1.17-alpine as gobuild +FROM golang:1.19-alpine as gobuild RUN apk --no-cache --no-progress add git mercurial bash gcc musl-dev curl tar ca-certificates tzdata \ && update-ca-certificates \ diff --git a/go.mod b/go.mod index 3d673bf53..0a867b8bf 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/traefik/traefik/v2 -go 1.17 +go 1.19 require ( github.com/BurntSushi/toml v1.1.0 @@ -37,7 +37,7 @@ require ( github.com/instana/go-sensor v1.38.3 github.com/klauspost/compress v1.14.2 github.com/kvtools/valkeyrie v0.4.1 - github.com/lucas-clemente/quic-go v0.27.0 + github.com/lucas-clemente/quic-go v0.28.1 github.com/mailgun/ttlmap v0.0.0-20170619185759-c1c17f74874f github.com/miekg/dns v1.1.47 github.com/mitchellh/copystructure v1.0.0 @@ -56,7 +56,7 @@ require ( github.com/stretchr/testify v1.8.0 github.com/stvp/go-udp-testing v0.0.0-20191102171040-06b61409b154 github.com/traefik/paerser v0.1.6 - github.com/traefik/yaegi v0.13.0 + github.com/traefik/yaegi v0.14.1 github.com/uber/jaeger-client-go v2.30.0+incompatible github.com/uber/jaeger-lib v2.2.0+incompatible github.com/unrolled/render v1.0.2 @@ -67,7 +67,8 @@ require ( go.elastic.co/apm v1.13.1 go.elastic.co/apm/module/apmot v1.13.1 golang.org/x/mod v0.4.2 - golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4 + golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e + golang.org/x/text v0.3.7 golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11 golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2 google.golang.org/grpc v1.38.0 @@ -227,8 +228,9 @@ require ( github.com/mailru/easyjson v0.7.7 // indirect github.com/marten-seemann/qpack v0.2.1 // indirect github.com/marten-seemann/qtls-go1-16 v0.1.5 // indirect - github.com/marten-seemann/qtls-go1-17 v0.1.1 // indirect - github.com/marten-seemann/qtls-go1-18 v0.1.1 // indirect + github.com/marten-seemann/qtls-go1-17 v0.1.2 // indirect + github.com/marten-seemann/qtls-go1-18 v0.1.2 // indirect + github.com/marten-seemann/qtls-go1-19 v0.1.0-beta.1 // indirect github.com/mattn/go-colorable v0.1.11 // indirect github.com/mattn/go-isatty v0.0.14 // indirect github.com/mattn/go-shellwords v1.0.12 // indirect @@ -311,7 +313,6 @@ require ( golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a // indirect golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect - golang.org/x/text v0.3.7 // indirect golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect google.golang.org/api v0.44.0 // indirect google.golang.org/appengine v1.6.7 // indirect diff --git a/go.sum b/go.sum index dc90e2ccb..f05106f2e 100644 --- a/go.sum +++ b/go.sum @@ -55,7 +55,6 @@ github.com/AlecAivazis/survey/v2 v2.2.3 h1:utJR2X4Ibp2fBxdjalQUiMFf3zfQNjA15YE8+ github.com/AlecAivazis/survey/v2 v2.2.3/go.mod h1:9FJRdMdDm8rnT+zHVbvQT2RTSTLq0Ttd6q3Vl2fahjk= github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go v19.1.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go v32.4.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go v40.3.0+incompatible h1:NthZg3psrLxvQLN6rVm07pZ9mv2wvGNaBNGQ3fnPvLE= github.com/Azure/azure-sdk-for-go v40.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= @@ -140,7 +139,6 @@ github.com/HdrHistogram/hdrhistogram-go v1.1.2/go.mod h1:yDgFjdqOqDEKOvasDdhWNXY github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= -github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww= github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= github.com/Masterminds/semver/v3 v3.1.1 h1:hLg3sBzpNErnxhQtUy/mmLR2I9foDujNK030IGemrRc= github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs= @@ -235,7 +233,6 @@ github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:l github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU= github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= github.com/aws/aws-sdk-go v1.15.90/go.mod h1:es1KtYUFs7le0xQ3rOihkuoVD90z7D0fR2Qm4S00/gU= -github.com/aws/aws-sdk-go v1.16.23/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/aws/aws-sdk-go v1.25.37/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/aws/aws-sdk-go v1.25.41/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/aws/aws-sdk-go v1.27.0/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= @@ -299,7 +296,6 @@ github.com/cenkalti/backoff/v4 v4.1.1 h1:G2HAfAmvm/GcKan2oOQpBXOd2tT2G57ZnZGWa1P github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/certifi/gocertifi v0.0.0-20180118203423-deb3ae2ef261/go.mod h1:GJKEexRPVJrBSOjoqN5VNOIKJ5Q3RViH6eu3puDRwx4= -github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.0/go.mod h1:dgIUBU3pDso/gPgZ1osOZ0iQf77oPR28Tjxl5dIMyVM= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= @@ -741,7 +737,6 @@ github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3a github.com/go-zookeeper/zk v1.0.2 h1:4mx0EYENAdX/B/rbunjlt5+4RTA/a9SMHBRuSKdGxPM= github.com/go-zookeeper/zk v1.0.2/go.mod h1:nOB03cncLtlp4t+UAkGSV+9beXP/akpekBwL+UX1Qcw= github.com/gobs/pretty v0.0.0-20180724170744-09732c25a95b h1:/vQ+oYKu+JoyaMPDsv5FzwuL2wwWBgBbtj/YLCi4LuA= -github.com/gobs/pretty v0.0.0-20180724170744-09732c25a95b/go.mod h1:Xo4aNUOrJnVruqWQJBtW6+bTBDTniY8yZum5rF3b5jw= github.com/gobuffalo/attrs v0.0.0-20190224210810-a9411de4debd/go.mod h1:4duuawTqi2wkkpB4ePgWMaai6/Kc6WEz83bhFwpHzj0= github.com/gobuffalo/depgen v0.0.0-20190329151759-d478694a28d3/go.mod h1:3STtPUQYuzV0gBVOY3vy6CfMm/ljR4pABfrTeHNLHUY= github.com/gobuffalo/depgen v0.1.0/go.mod h1:+ifsuy7fhi15RWncXQQKjWS9JPkdah5sZvtHc2RXGlg= @@ -868,7 +863,6 @@ github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o= github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= github.com/google/go-containerregistry v0.0.0-20191015185424-71da34e4d9b3/go.mod h1:ZXFeSndFcK4vB1NR4voH1Zm38K7ViUNiYtfIBDxrwf0= -github.com/google/go-github v17.0.0+incompatible h1:N0LgJ1j65A7kfXrZnUDaYCs/Sf4rEjNlfyDHW9dolSY= github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ= github.com/google/go-github/v28 v28.1.1 h1:kORf5ekX5qwXO2mGzXXOjMe/g6ap8ahVe0sBEulhSxo= github.com/google/go-github/v28 v28.1.1/go.mod h1:bsqJWQX05omyWVmc00nEUql9mhQyv38lDZ8kPZcQVoM= @@ -910,7 +904,6 @@ github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+ github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/gax-go v2.0.0+incompatible h1:j0GKcs05QVmm7yesiZq2+9cxHkNK9YM6zKx4D2qucQU= github.com/googleapis/gax-go v2.0.0+incompatible/go.mod h1:SFVmujtThgffbyetf+mdk2eWhX2bMyUtNHzFKcPA9HY= github.com/googleapis/gax-go/v2 v2.0.3/go.mod h1:LLvjysVCY1JZeum8Z6l8qUty8fiNwE08qbEPm1M08qg= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= @@ -1267,7 +1260,6 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= -github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/pty v1.1.4/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= @@ -1314,8 +1306,8 @@ github.com/liquidweb/liquidweb-go v1.6.3/go.mod h1:SuXXp+thr28LnjEw18AYtWwIbWMHS github.com/lithammer/dedent v1.1.0/go.mod h1:jrXYCQtgg0nJiN+StA2KgR7w6CiQNv9Fd/Z9BP0jIOc= github.com/looplab/fsm v0.1.0 h1:Qte7Zdn/5hBNbXzP7yxVU4OIFHWXBovyTT2LaBTyC20= github.com/looplab/fsm v0.1.0/go.mod h1:m2VaOfDHxqXBBMgc26m6yUOwkFn8H2AlJDE+jd/uafI= -github.com/lucas-clemente/quic-go v0.27.0 h1:v6WY87q9zD4dKASbG8hy/LpzAVNzEQzw8sEIeloJsc4= -github.com/lucas-clemente/quic-go v0.27.0/go.mod h1:AzgQoPda7N+3IqMMMkywBKggIFo2KT6pfnlrQ2QieeI= +github.com/lucas-clemente/quic-go v0.28.1 h1:Uo0lvVxWg5la9gflIF9lwa39ONq85Xq2D91YNEIslzU= +github.com/lucas-clemente/quic-go v0.28.1/go.mod h1:oGz5DKK41cJt5+773+BSO9BXDsREY4HLf7+0odGAPO0= github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI= github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= @@ -1345,10 +1337,12 @@ github.com/marten-seemann/qpack v0.2.1 h1:jvTsT/HpCn2UZJdP+UUB53FfUUgeOyG5K1ns0O github.com/marten-seemann/qpack v0.2.1/go.mod h1:F7Gl5L1jIgN1D11ucXefiuJS9UMVP2opoCp2jDKb7wc= github.com/marten-seemann/qtls-go1-16 v0.1.5 h1:o9JrYPPco/Nukd/HpOHMHZoBDXQqoNtUCmny98/1uqQ= github.com/marten-seemann/qtls-go1-16 v0.1.5/go.mod h1:gNpI2Ol+lRS3WwSOtIUUtRwZEQMXjYK+dQSBFbethAk= -github.com/marten-seemann/qtls-go1-17 v0.1.1 h1:DQjHPq+aOzUeh9/lixAGunn6rIOQyWChPSI4+hgW7jc= -github.com/marten-seemann/qtls-go1-17 v0.1.1/go.mod h1:C2ekUKcDdz9SDWxec1N/MvcXBpaX9l3Nx67XaR84L5s= -github.com/marten-seemann/qtls-go1-18 v0.1.1 h1:qp7p7XXUFL7fpBvSS1sWD+uSqPvzNQK43DH+/qEkj0Y= -github.com/marten-seemann/qtls-go1-18 v0.1.1/go.mod h1:mJttiymBAByA49mhlNZZGrH5u1uXYZJ+RW28Py7f4m4= +github.com/marten-seemann/qtls-go1-17 v0.1.2 h1:JADBlm0LYiVbuSySCHeY863dNkcpMmDR7s0bLKJeYlQ= +github.com/marten-seemann/qtls-go1-17 v0.1.2/go.mod h1:C2ekUKcDdz9SDWxec1N/MvcXBpaX9l3Nx67XaR84L5s= +github.com/marten-seemann/qtls-go1-18 v0.1.2 h1:JH6jmzbduz0ITVQ7ShevK10Av5+jBEKAHMntXmIV7kM= +github.com/marten-seemann/qtls-go1-18 v0.1.2/go.mod h1:mJttiymBAByA49mhlNZZGrH5u1uXYZJ+RW28Py7f4m4= +github.com/marten-seemann/qtls-go1-19 v0.1.0-beta.1 h1:7m/WlWcSROrcK5NxuXaxYD32BZqe/LEEnBrWcH/cOqQ= +github.com/marten-seemann/qtls-go1-19 v0.1.0-beta.1/go.mod h1:5HTDWtVudo/WFsHKRNuOhWlbdjrfs5JHrYb0wIJqGpI= github.com/matryer/moq v0.0.0-20190312154309-6cfb0558e1bd/go.mod h1:9ELz6aaclSIGnZBoaSLZ3NAl1VTufbOrXBPvtcy6WiQ= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ= @@ -1393,7 +1387,6 @@ github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3N github.com/miekg/dns v1.1.25/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI= -github.com/miekg/dns v1.1.45/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= github.com/miekg/dns v1.1.47 h1:J9bWiXbqMbnZPcY8Qi2E3EWIBsIm6MZzzJB9VRg5gL8= github.com/miekg/dns v1.1.47/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= github.com/miekg/pkcs11 v1.0.3 h1:iMwmD7I5225wv84WxIG/bmxz9AXjWvTWIbM/TYHvWtw= @@ -1702,7 +1695,6 @@ github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1 github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= github.com/qri-io/jsonpointer v0.1.0/go.mod h1:DnJPaYgiKu56EuDp8TU5wFLdZIcAnb/uH9v37ZaMV64= github.com/qri-io/jsonschema v0.1.1/go.mod h1:QpzJ6gBQ0GYgGmh7mDQ1YsvvhSgE4rYj0k8t5MBOmUY= -github.com/rainycape/memcache v0.0.0-20150622160815-1031fa0ce2f2/go.mod h1:7tZKcyumwBO6qip7RNQ5r77yrssm9bfCowcLEBcU5IA= github.com/rancher/go-rancher-metadata v0.0.0-20200311180630-7f4c936a06ac h1:wBGhHdXKICZmvAPWS8gQoMyOWDH7QAi9bU4Z1nDWnFU= github.com/rancher/go-rancher-metadata v0.0.0-20200311180630-7f4c936a06ac/go.mod h1:67sLWL17mVlO1HFROaTBmU71NB4R8UNCesFHhg0f6LQ= github.com/rboyer/safeio v0.2.1/go.mod h1:Cq/cEPK+YXFn622lsQ0K4KsPZSPtaptHHEldsy7Fmig= @@ -1716,7 +1708,6 @@ github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFR github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k= -github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ= github.com/rs/zerolog v1.4.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU= github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU= @@ -1791,14 +1782,12 @@ github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic github.com/skratchdot/open-golang v0.0.0-20160302144031-75fb7ed4208c/go.mod h1:sUM3LWHvSMaG192sy56D9F7CNvL7jUJVXoqM1QKLnog= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/assertions v1.0.1 h1:voD4ITNjPL5jjBfgR/r8fPIIBrliWrWHeiJApdr3r4w= -github.com/smartystreets/assertions v1.0.1/go.mod h1:kHHU4qYBaI3q23Pp3VPrmWhuIUrLW/7eUrw0BU5VaoM= github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9 h1:hp2CYQUINdZMHdvTdXtPOY2ainKl4IoMcpAXEf2xj3Q= github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9/go.mod h1:SnhjPscd9TpLiy1LpzGSKh3bXCfxxXuqd9xmQJy3slM= github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/smartystreets/gunit v1.0.4 h1:tpTjnuH7MLlqhoD21vRoMZbMIi5GmBsAJDFyF67GhZA= -github.com/smartystreets/gunit v1.0.4/go.mod h1:EH5qMBab2UclzXUcpR8b93eHsIlp9u+pDQIRp5DZNzQ= github.com/softlayer/softlayer-go v0.0.0-20180806151055-260589d94c7d/go.mod h1:Cw4GTlQccdRGSEf6KiMju767x0NEHE0YIVPJSaXjlsw= github.com/softlayer/softlayer-go v1.0.3 h1:9FONm5xzQ9belQtbdryR6gBg4EF6hX6lrjNKi0IvZkU= github.com/softlayer/softlayer-go v1.0.3/go.mod h1:6HepcfAXROz0Rf63krk5hPZyHT6qyx2MNvYyHof7ik4= @@ -1864,7 +1853,6 @@ github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.5/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stvp/go-udp-testing v0.0.0-20191102171040-06b61409b154 h1:XGopsea1Dw7ecQ8JscCNQXDGYAKDiWjDeXnpN/+BY9g= @@ -1912,8 +1900,8 @@ github.com/tonistiigi/vt100 v0.0.0-20190402012908-ad4c4a574305 h1:y/1cL5AL2oRcfz github.com/tonistiigi/vt100 v0.0.0-20190402012908-ad4c4a574305/go.mod h1:gXOLibKqQTRAVuVZ9gX7G9Ykky8ll8yb4slxsEMoY0c= github.com/traefik/paerser v0.1.6 h1:UqqAW0M3r+aF7DibUVwO1PiZ8cXLsUkpFv5hhxPCscA= github.com/traefik/paerser v0.1.6/go.mod h1:Dk3Bfz6Zyj13/S8pJyRdx/FNvXlsVRVbtp0UK4ZSiA0= -github.com/traefik/yaegi v0.13.0 h1:dNwyGNSLHuRw5xswpbuW1TlzzGDciiK6uAighR1tMsc= -github.com/traefik/yaegi v0.13.0/go.mod h1:RuCwD8/wsX7b6KoQHOaIFUfuH3gQIK4KWnFFmJMw5VA= +github.com/traefik/yaegi v0.14.1 h1:t0ssyzeZCWTFGd/JnVuDxH/slMQfYg+2CDD4dLW/rU0= +github.com/traefik/yaegi v0.14.1/go.mod h1:AVRxhaI2G+nUsaM1zyktzwXn69G3t/AuTDrCiTds9p0= github.com/transip/gotransip/v6 v6.6.1 h1:nsCU1ErZS5G0FeOpgGXc4FsWvBff9GPswSMggsC4564= github.com/transip/gotransip/v6 v6.6.1/go.mod h1:pQZ36hWWRahCUXkFWlx9Hs711gLd8J4qdgLdRzmtY+g= github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926 h1:G3dpKMzFDjgEh2q1Z7zUUtKa8ViPtH+ocF0bE0g00O8= @@ -2027,10 +2015,8 @@ go.elastic.co/fastjson v1.1.0 h1:3MrGBWWVIxe/xvsbpghtkFoPciPhOCmjsR/HfwEeQR4= go.elastic.co/fastjson v1.1.0/go.mod h1:boNGISWMjQsUPy/t6yqt2/1Wx4YNPSe+mZjlyw9vKKI= go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/bbolt v1.3.4/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg= -go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489 h1:1JFLBqwIgdyHN1ZtgjTBwO+blA6gVOmZurpiMEsETKo= go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg= go.etcd.io/etcd/api/v3 v3.5.0 h1:GsV3S+OfZEOCNXdtNkBSR7kgLobAa/SO6tCxRa0GAYw= go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= @@ -2246,8 +2232,8 @@ golang.org/x/net v0.0.0-20211020060615-d418f374d309/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4 h1:HVyaeDAYux4pnY+D/SiwmLOR36ewZ4iGQIIrtnuCjFA= -golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e h1:TsQ7F31D3bUCLeqPT0u+yjp1guoArKaNKmCr22PYgTQ= +golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/oauth2 v0.0.0-20180724155351-3d292e4d0cdc/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -2407,7 +2393,6 @@ golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220307203707-22a9840ba4d7/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a h1:dGzPydgVsqGcTRVwiLJ1jVbufYwmzD3LfVPLKsKg+0k= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= @@ -2434,7 +2419,6 @@ golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxb golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20210611083556-38a9dc6acbc6/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11 h1:GZokNIeuVkl3aZHJchRrr13WCsols02MLUcz1U9is6M= golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -2831,7 +2815,6 @@ k8s.io/klog v0.2.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v0.3.1/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v0.4.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= -k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= @@ -2872,7 +2855,6 @@ sigs.k8s.io/controller-runtime v0.9.6/go.mod h1:q6PpkM5vqQubEKUKOM6qr06oXGzOBcCb sigs.k8s.io/controller-tools v0.6.2/go.mod h1:oaeGpjXn6+ZSEIQkUe/+3I40PNiDYp9aeawbt3xTgJ8= sigs.k8s.io/gateway-api v0.4.0 h1:07IJkTt21NetZTHtPKJk2I4XIgDN4BAlTIq1wK7V11o= sigs.k8s.io/gateway-api v0.4.0/go.mod h1:r3eiNP+0el+NTLwaTfOrCNXy8TukC+dIM3ggc+fbNWk= -sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e h1:4Z09Hglb792X0kfOBBJUPFEyvVfQWrYT/l8h5EKA6JQ= sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e/go.mod h1:wWxsB5ozmmv/SG7nM11ayaAW51xMvak/t1r0CSlcokI= sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= @@ -2882,7 +2864,6 @@ sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZa sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= -software.sslmate.com/src/go-pkcs12 v0.0.0-20210415151418-c5206de65a78/go.mod h1:B7Wf0Ya4DHF9Yw+qfZuJijQYkWicqDa+79Ytmmq3Kjg= sourcegraph.com/sourcegraph/appdash v0.0.0-20190731080439-ebfcffb1b5c0/go.mod h1:hI742Nqp5OhwiqlzhgfbWU4mW4yO10fP+LoT9WOswdU= sourcegraph.com/sourcegraph/go-diff v0.5.0/go.mod h1:kuch7UrkMzY0X+p9CRK03kfuPQ2zzQcaEFbx8wA8rck= sourcegraph.com/sqs/pbtypes v0.0.0-20180604144634-d3ebe8f20ae4/go.mod h1:ketZ/q3QxT9HOBeFhu6RdvsftgpsbFHBF5Cas6cDKZ0= diff --git a/integration/fixtures/https/clientca/README.md b/integration/fixtures/https/clientca/README.md index 0e58c1feb..33a5f5260 100644 --- a/integration/fixtures/https/clientca/README.md +++ b/integration/fixtures/https/clientca/README.md @@ -1,9 +1,38 @@ # This is how the certs were created +Password: traefik + ```bash +# ca1.example.com +# Country Name (2 letter code) [AU]:. +# State or Province Name (full name) [Some-State]:. +# Locality Name (eg, city) []:. +# Organization Name (eg, company) [Internet Widgits Pty Ltd]:. +# Organizational Unit Name (eg, section) []:. +# Common Name (e.g. server FQDN or YOUR name) []:ca1.example.com +# Email Address []:. openssl req -new -newkey rsa:2048 -x509 -days 3650 -extensions v3_ca -keyout ca1.pem -out ca1.crt + +# ca2.example.com +# Country Name (2 letter code) [AU]:. +# State or Province Name (full name) [Some-State]:. +# Locality Name (eg, city) []:. +# Organization Name (eg, company) [Internet Widgits Pty Ltd]:. +# Organizational Unit Name (eg, section) []:. +# Common Name (e.g. server FQDN or YOUR name) []:ca2.example.com +# Email Address []:. openssl req -new -newkey rsa:2048 -x509 -days 3650 -extensions v3_ca -keyout ca2.pem -out ca2.crt + +# ca3.example.com +# Country Name (2 letter code) [AU]:. +# State or Province Name (full name) [Some-State]:. +# Locality Name (eg, city) []:. +# Organization Name (eg, company) [Internet Widgits Pty Ltd]:. +# Organizational Unit Name (eg, section) []:. +# Common Name (e.g. server FQDN or YOUR name) []:ca3.example.com +# Email Address []:. openssl req -new -newkey rsa:2048 -x509 -days 3650 -extensions v3_ca -keyout ca3.pem -out ca3.crt + openssl rsa -in ca1.pem -out ca1.key openssl rsa -in ca2.pem -out ca2.key openssl rsa -in ca3.pem -out ca3.key @@ -14,8 +43,58 @@ openssl genrsa -out client1.key 2048 openssl genrsa -out client2.key 2048 openssl genrsa -out client3.key 2048 +# Country Name (2 letter code) [AU]:. +# State or Province Name (full name) [Some-State]:. +# Locality Name (eg, city) []:. +# Organization Name (eg, company) [Internet Widgits Pty Ltd]:. +# Organizational Unit Name (eg, section) []:. +# Common Name (e.g. server FQDN or YOUR name) []:clien1.example.com +# Email Address []:. +# +# Please enter the following 'extra' attributes +# to be sent with your certificate request +# A challenge password []: +# +# Issuer +# CN = ca1.example.com +# Subject +# CN = clien1.example.com openssl req -key client1.key -new -out client1.csr + +# Country Name (2 letter code) [AU]:. +# State or Province Name (full name) [Some-State]:. +# Locality Name (eg, city) []:. +# Organization Name (eg, company) [Internet Widgits Pty Ltd]:. +# Organizational Unit Name (eg, section) []:. +# Common Name (e.g. server FQDN or YOUR name) []:client2.example.com +# Email Address []:. +# +# Please enter the following 'extra' attributes +# to be sent with your certificate request +# A challenge password []: +# +# Issuer +# CN = ca2.example.com +# Subject +# CN = client2.example.com openssl req -key client2.key -new -out client2.csr + +# Country Name (2 letter code) [AU]:. +# State or Province Name (full name) [Some-State]:. +# Locality Name (eg, city) []:. +# Organization Name (eg, company) [Internet Widgits Pty Ltd]:. +# Organizational Unit Name (eg, section) []:. +# Common Name (e.g. server FQDN or YOUR name) []:client3.example.com +# Email Address []:. +# +# Please enter the following 'extra' attributes +# to be sent with your certificate request +# A challenge password []: +# +# Issuer +# CN = ca3.example.com +# Subject +# CN = client3.example.com openssl req -key client3.key -new -out client3.csr openssl x509 -req -days 3650 -in client1.csr -CA ca1.crt -CAkey ca1.key -CAcreateserial -out client1.crt diff --git a/integration/fixtures/https/clientca/ca1.crt b/integration/fixtures/https/clientca/ca1.crt index c8cda8255..7f76bbd8e 100644 --- a/integration/fixtures/https/clientca/ca1.crt +++ b/integration/fixtures/https/clientca/ca1.crt @@ -1,20 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDMjCCAhqgAwIBAgIJAKXHiSnQw6LqMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV -BAMTD2NhMS5leGFtcGxlLmNvbTAeFw0xNjA2MTgxMzAyNDdaFw0yNjA2MTYxMzAy -NDdaMBoxGDAWBgNVBAMTD2NhMS5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAL9ZNf1Pqu30i/DUyAAbEVFfCvGEmN9hfGAK44IrBqfC -1ziW2Lfg2AkswNIC/T6M+lcoN0ftPhJpnP2Cdz9U/gF9FMd/XAGY/SOiun7wC8so -qdab7CMDlHP1c/XiL7lGEdm9RfynLcJ5JJn2X7mXwEZTviFtiJVmaoAl3TVNy3MZ -ZyfjNac9sA5idpX66TpVO9tE1gu71nRkBvTEzO/IYv8rcWQmogvH7DN3UurP3RUK -weij01rekG3OOOXUlQgZO6mhuvrKes9Xoc901bmTkOgTq7wIFf2AZozU4wy6kZfM -0sdzmjMpuEr7oROepvtzFiVyNIEGDJ3QvEEY4QJaFvcCAwEAAaN7MHkwHQYDVR0O -BBYEFFyJ/cSOOvcsfu+WLZbi/u3t8W/uMEoGA1UdIwRDMEGAFFyJ/cSOOvcsfu+W -LZbi/u3t8W/uoR6kHDAaMRgwFgYDVQQDEw9jYTEuZXhhbXBsZS5jb22CCQClx4kp -0MOi6jAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQCOBLJJF0esBVLX -xmj0xa0TREXTxco40e/fmUU1cGYgl1UCCZI7MLDcl6k6Km9Sbp/LCpZx88mtLwGY -wUss2mQ058kqiUrpb/U8xEbglLrRtsp1y8z7lood/8ru39zj1/9X4MFyqNi6390I -zxZNf2QauUS1TMxgv6UhVE52JaAL+sn2hqA6IaSYeT9NFzFsulCr29mxlIC9SzUr -Mbqri9LKX5aciy78+hQBKdXoJ5raRwttBvULabOrLhZdyvvL6QfcdgRV+JOT7vKn -htQahWSKoqhdpM6Q2pXP42/MyuKXFB5Nk8fnFiIoXH0Bs9vlPLOvToM2jYJ+LlDd -85qbL4eP +MIIDFTCCAf2gAwIBAgIUd9ORKqy5CUX4DnPlEEZ/d+IiUvYwDQYJKoZIhvcNAQEL +BQAwGjEYMBYGA1UEAwwPY2ExLmV4YW1wbGUuY29tMB4XDTIyMDgwODEyNTQwMVoX +DTMyMDgwNTEyNTQwMVowGjEYMBYGA1UEAwwPY2ExLmV4YW1wbGUuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8AxPNLi5i9HrE2EdUgrKNIaLHaZP +44hVkqbt6eKlTTs2u9TUNQM+DFPOHhZ5vyRCEthNv1gXhIY0K7qcJZd8Ot1+h+Yo +sEoSU3i4WCeYhG5QWgcRmxPsZ40HGd943HkyFPE3MIAkviZ2oLxoU7Iw3F8Ly2n+ +5oFJOlPrIMKYF4JmMpa5WqHwjAZBkNa9avrjXmNaPHTB0a7DRCeq+qackoaseTJ2 +X0wfFSZsd4d0anyhYKaUlJGe8bSukkyXKzl//15zWf9TBtCf+gi38Iprn5jpr8hj +We0o7393UmXwQyKvPZds46p3l4Lx0PRcqf867pBtbpTVJiLVr48G462aPQIDAQAB +o1MwUTAdBgNVHQ4EFgQURvvnzmb0HYP3fSIlUKBTuUljwJ0wHwYDVR0jBBgwFoAU +Rvvnzmb0HYP3fSIlUKBTuUljwJ0wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B +AQsFAAOCAQEAcBY+kp7Rn4pfJXKCusgaLQ21SKuZXecnZeXYUn8TwUgfjL+oNVzh +ftQq6kD+CaYXFwAzYMi43nbJevMULqsH3R14ZTeE2zBKu+u4Q+qYQEPfVV59OfQj +FxlS9yhmOnQK3FofDNbBXMpV50Zbadgq3uYL+2DiO/bTpZ2zM7jaBJkv6PRhgXM0 +lw9Qg9lhQWShWocMXlSS5QTddNlDBLxWI70GARS1Qj6bjhF4WMV04/aAd+m7tVgD +ygfs3+y3lvfZxloUDoatVs6sM/03MgZFwSPNWryRzMol3162pPnm6B2PtWsCcJvu +YnXB6GI9cjYqjofBUQL/OgWBqgyghUbtMQ== -----END CERTIFICATE----- diff --git a/integration/fixtures/https/clientca/ca1.key b/integration/fixtures/https/clientca/ca1.key index 47203bf02..c8b847cbb 100644 --- a/integration/fixtures/https/clientca/ca1.key +++ b/integration/fixtures/https/clientca/ca1.key @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAv1k1/U+q7fSL8NTIABsRUV8K8YSY32F8YArjgisGp8LXOJbY -t+DYCSzA0gL9Poz6Vyg3R+0+Emmc/YJ3P1T+AX0Ux39cAZj9I6K6fvALyyip1pvs -IwOUc/Vz9eIvuUYR2b1F/KctwnkkmfZfuZfARlO+IW2IlWZqgCXdNU3LcxlnJ+M1 -pz2wDmJ2lfrpOlU720TWC7vWdGQG9MTM78hi/ytxZCaiC8fsM3dS6s/dFQrB6KPT -Wt6Qbc445dSVCBk7qaG6+sp6z1ehz3TVuZOQ6BOrvAgV/YBmjNTjDLqRl8zSx3Oa -Mym4SvuhE56m+3MWJXI0gQYMndC8QRjhAloW9wIDAQABAoIBAGJ9g8mn6R5kImfK -zksno4lTt2lLS/im0AMLd8E3bkyJgIgTNOeopupKC9HNUhaRMAYOoC24kpudmv3t -2n1RvRB9FmX9SxlTavCdwQq3egqPGqRpS2lWXWI2dAKa8t+VjniZ8N00G9yeyFUr -OGhqEMDiN9oy6/uiZK0jUDIwocjS5FZMBh+epM7/CnKj3uvqarmFXKcJ4ni28ww4 -RPrXDm+VvXa30/hK8q8Eo3C3u39TMvNEaRqMP/zqRY89fbpd1+Okno79dugFhz7D -r/Jae9z4ChFBXegDmA/OkWOdLY5LyvwvpJpONjD/5wImY1OAJlFTg7S+2FcSVvCF -diUJ7/ECgYEA9pHYlJsWAo/izRUVhKRtBAVVjnlidxExuvOGNXpyPjZd5ruXochu -J6tAKA0rSE4RsISFVCrkQmjDgjyKa2D+o/hsTTlW3yrD4TSLI8/MrDtfCw9XRqeE -KqfeqT79Hh0icnsUVYH4eoND9CKuJ/B9NcdyUqRPm7Pnrx07SnhGHd8CgYEAxqqy -MPIDO2dadRqUIhWwMPIBegkZC1eeuv4pNEyukZc4+pXRshKXhvhmvz5NgsaSsKxZ -O6FgqzgTceLEubVYF4hvy1TC+3Fc/PFvh4Fo3SKjtiJRJjRREDWBu6hl16Cw/83j -k6Im//8WD1ri9iFf8RjrBwYH1xHqGTkNEUHl+ekCgYEAzlIWD6uCDFzIJGGLIvXP -fvjTsadivE039r7Fw8QVCnfFtUetxyOHAUysH5d9a0BgTvtk8Zv+ao9tYXI1RUrh -aOV8AlaDmbQYOj8UWsAL/OalTgTlO+r6jhLwH2DkvqkUZQUWa8KY4DMszoGihysW -KsUcpYh2UMyGhqKINXVU/rMCgYEAqJxbG9trDtHLHjRuoPcTUJc01aQ/EzdMSpxH -0FF8n6he/Z6GGMJaxHyyh4GTO3jZKwU7vrZaWzb+mdvC53KXz3FGoKXRzqIKL8uh -wrn8jCJIG97ITMp+OmmPL/veY8HIN3NAwR4QR5jx2hpjIk51JSTm5FEj+k8EBmA7 -TPhG/XECgYA9e9B0jgR2aFSAWzpGMZYPW+NdGQlySv94AJmfF8U5J7PmU2BojvVn -bhWNSQk2LI/mTjLgB+liYtLqFGkgIrJdbBOQ8hKSBPGQltSR0Dvf0ZK/0F1hqDTW -m3AUvPZthNMNJIYkTav5a246tyKkmg11nUQsgoqdxCrEiLyv48PFnw== +MIIEpAIBAAKCAQEA8AxPNLi5i9HrE2EdUgrKNIaLHaZP44hVkqbt6eKlTTs2u9TU +NQM+DFPOHhZ5vyRCEthNv1gXhIY0K7qcJZd8Ot1+h+YosEoSU3i4WCeYhG5QWgcR +mxPsZ40HGd943HkyFPE3MIAkviZ2oLxoU7Iw3F8Ly2n+5oFJOlPrIMKYF4JmMpa5 +WqHwjAZBkNa9avrjXmNaPHTB0a7DRCeq+qackoaseTJ2X0wfFSZsd4d0anyhYKaU +lJGe8bSukkyXKzl//15zWf9TBtCf+gi38Iprn5jpr8hjWe0o7393UmXwQyKvPZds +46p3l4Lx0PRcqf867pBtbpTVJiLVr48G462aPQIDAQABAoIBAGCZQ4J+18QJbKT2 +zrrGNsreXbtHwxxYL799R354Q3cJ3iPGKMNQk7aYPvjiqImfyKsWumrGw2gELZhv +VwjVpht2KMX9e+A9XpSSnvRysrCQR+uCrrYOVXLyUKo7wMJQTzQYQdJVrvOKPPDA +AOe1bG4yHWf1NquB2XsMbDFZvaSvgHafm5ZGs535TB9hejJ5CvWGaX98RC5lBIsk +VMQkRh5A7kynUhcb2ITajaIzNpYtGYaY4arpSrXJ64cmykNC69uviVvYnH6LMnSo +iwBpgooopK0PsDqfQiqpoo9QwvYUfmv0OooDjeilTUkLWsmn7lPkzaWaHOSC0bLJ ++04zzo0CgYEA+BSoMb/JD/VbTo1nOyYMGC+KPc2auyl3OwwzFIjRNhY7gTKnSxjK +a4k4mjtbOqVG6xQawmyP4wdgMgzndjD+gyKArG5QIUrwjtk2NBoW2FCkcUGEv8L/ +qhrPcgSKAWPz8rgfSP+veIWPuMQfgngFwFlYL9q9YV512gD0kNUOkjsCgYEA97YC +T3EfxwsLalzjdjuy/ria0lnZJVqFX0/py2Qlf8bNpM9YvAe7llJxrMxF7AEunAt3 +mVCQBXuvSBpnC/ii/vkUl2lPscukawP2tx6i/nxIzjkgCAOcceRspJrBCFggRykf +C6ZrHJ2wQ+2eGOvL4EEvkSjfujoBoA/8bpS9hecCgYBVJNnZQUajuIUe/78neNZ7 +0o0yywdJJ2EpnfVGHfMYCidgH191kcufftgzbx3Pkfw2II9SnWoA9H4aj309fnFL +1qKtC6tq0cqgbIKC/VVL5tmZmXATVLzkyBDcxBwNgB2w92qdZkv2JHkAZCegYssu +ijuPKRcIfSAbs2o87zLyEwKBgQCd4tjeIdCLYbLI/KPOvIZ+bNPht3r8oBHaimkO +RqrQIrr4jWCVmKgsTChAZ4M5xhcbRwPYKM1jcU5rushrjPL3aXOCfpFZVd9ahpA+ +b7ycUENnjmmoMgUJYvsMf8cBton8UW2EU3J6Ltgms9HNOJ4eNe5Hq7HOVSKsDwRq +x0t1iQKBgQDSbmsLFg91TqG3iBRY58vcJFxSUZWBSYn0v5TJBcoJn7ryPIwgNDSH +gcJKB0N7P7tR8fmkeCNFYixuUhUhMQRgsJ+alOoHzOI/TkD0dUXECHykppy2oxVY +/rpxpjrhEqzM0TovTXTTQzvHKgJraAdEurDTJk0zPAwsoF+kwpRGZg== -----END RSA PRIVATE KEY----- diff --git a/integration/fixtures/https/clientca/ca1.srl b/integration/fixtures/https/clientca/ca1.srl index e2ddcc3e6..d88776641 100644 --- a/integration/fixtures/https/clientca/ca1.srl +++ b/integration/fixtures/https/clientca/ca1.srl @@ -1 +1 @@ -83E81F36599F4400 +83E81F36599F4402 diff --git a/integration/fixtures/https/clientca/ca1and2.crt b/integration/fixtures/https/clientca/ca1and2.crt index 871d3a94b..421289fd0 100644 --- a/integration/fixtures/https/clientca/ca1and2.crt +++ b/integration/fixtures/https/clientca/ca1and2.crt @@ -1,40 +1,38 @@ -----BEGIN CERTIFICATE----- -MIIDMjCCAhqgAwIBAgIJAKXHiSnQw6LqMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV -BAMTD2NhMS5leGFtcGxlLmNvbTAeFw0xNjA2MTgxMzAyNDdaFw0yNjA2MTYxMzAy -NDdaMBoxGDAWBgNVBAMTD2NhMS5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAL9ZNf1Pqu30i/DUyAAbEVFfCvGEmN9hfGAK44IrBqfC -1ziW2Lfg2AkswNIC/T6M+lcoN0ftPhJpnP2Cdz9U/gF9FMd/XAGY/SOiun7wC8so -qdab7CMDlHP1c/XiL7lGEdm9RfynLcJ5JJn2X7mXwEZTviFtiJVmaoAl3TVNy3MZ -ZyfjNac9sA5idpX66TpVO9tE1gu71nRkBvTEzO/IYv8rcWQmogvH7DN3UurP3RUK -weij01rekG3OOOXUlQgZO6mhuvrKes9Xoc901bmTkOgTq7wIFf2AZozU4wy6kZfM -0sdzmjMpuEr7oROepvtzFiVyNIEGDJ3QvEEY4QJaFvcCAwEAAaN7MHkwHQYDVR0O -BBYEFFyJ/cSOOvcsfu+WLZbi/u3t8W/uMEoGA1UdIwRDMEGAFFyJ/cSOOvcsfu+W -LZbi/u3t8W/uoR6kHDAaMRgwFgYDVQQDEw9jYTEuZXhhbXBsZS5jb22CCQClx4kp -0MOi6jAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQCOBLJJF0esBVLX -xmj0xa0TREXTxco40e/fmUU1cGYgl1UCCZI7MLDcl6k6Km9Sbp/LCpZx88mtLwGY -wUss2mQ058kqiUrpb/U8xEbglLrRtsp1y8z7lood/8ru39zj1/9X4MFyqNi6390I -zxZNf2QauUS1TMxgv6UhVE52JaAL+sn2hqA6IaSYeT9NFzFsulCr29mxlIC9SzUr -Mbqri9LKX5aciy78+hQBKdXoJ5raRwttBvULabOrLhZdyvvL6QfcdgRV+JOT7vKn -htQahWSKoqhdpM6Q2pXP42/MyuKXFB5Nk8fnFiIoXH0Bs9vlPLOvToM2jYJ+LlDd -85qbL4eP +MIIDFTCCAf2gAwIBAgIUd9ORKqy5CUX4DnPlEEZ/d+IiUvYwDQYJKoZIhvcNAQEL +BQAwGjEYMBYGA1UEAwwPY2ExLmV4YW1wbGUuY29tMB4XDTIyMDgwODEyNTQwMVoX +DTMyMDgwNTEyNTQwMVowGjEYMBYGA1UEAwwPY2ExLmV4YW1wbGUuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8AxPNLi5i9HrE2EdUgrKNIaLHaZP +44hVkqbt6eKlTTs2u9TUNQM+DFPOHhZ5vyRCEthNv1gXhIY0K7qcJZd8Ot1+h+Yo +sEoSU3i4WCeYhG5QWgcRmxPsZ40HGd943HkyFPE3MIAkviZ2oLxoU7Iw3F8Ly2n+ +5oFJOlPrIMKYF4JmMpa5WqHwjAZBkNa9avrjXmNaPHTB0a7DRCeq+qackoaseTJ2 +X0wfFSZsd4d0anyhYKaUlJGe8bSukkyXKzl//15zWf9TBtCf+gi38Iprn5jpr8hj +We0o7393UmXwQyKvPZds46p3l4Lx0PRcqf867pBtbpTVJiLVr48G462aPQIDAQAB +o1MwUTAdBgNVHQ4EFgQURvvnzmb0HYP3fSIlUKBTuUljwJ0wHwYDVR0jBBgwFoAU +Rvvnzmb0HYP3fSIlUKBTuUljwJ0wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B +AQsFAAOCAQEAcBY+kp7Rn4pfJXKCusgaLQ21SKuZXecnZeXYUn8TwUgfjL+oNVzh +ftQq6kD+CaYXFwAzYMi43nbJevMULqsH3R14ZTeE2zBKu+u4Q+qYQEPfVV59OfQj +FxlS9yhmOnQK3FofDNbBXMpV50Zbadgq3uYL+2DiO/bTpZ2zM7jaBJkv6PRhgXM0 +lw9Qg9lhQWShWocMXlSS5QTddNlDBLxWI70GARS1Qj6bjhF4WMV04/aAd+m7tVgD +ygfs3+y3lvfZxloUDoatVs6sM/03MgZFwSPNWryRzMol3162pPnm6B2PtWsCcJvu +YnXB6GI9cjYqjofBUQL/OgWBqgyghUbtMQ== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- -MIIDMjCCAhqgAwIBAgIJAKjhXgiuPQexMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV -BAMTD2NhMi5leGFtcGxlLmNvbTAeFw0xNjA2MTgxMzAzMjJaFw0yNjA2MTYxMzAz -MjJaMBoxGDAWBgNVBAMTD2NhMi5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAMx8S4U3tdeMGn1NEUNWCmD7pIYUCUhtORrn2rqF5b2M -ZQJZXAIfWJ7KrGjn8W7KPx8/V2FREHF1Z6v1fpB2rfCIFo97HszhQEt6lduKup2j -09ItpFjec7RahwaMksYDwl4PaxgKe2OYdLFJ/QIv8+I01vWPXFmHgZkBHQWhR5nV -TvGM6MU834e+PXxCXfcaC8VYpbHYKYxHmM5Sxa5V9WlppBBshB0OL+KrCPXwPqHl -StZPkG2p2qJUjCZ38uDx605RYaORZ0eDhrKj4M3lJzOTTcC4I77BzTb74+GcRT+R -lJMrWrS22jNZONnawBdbTWIFM4PzaqVvE7qVwZK1M5UCAwEAAaN7MHkwHQYDVR0O -BBYEFPooSq3ZvoyIzRQ96/dwUC0LDBvRMEoGA1UdIwRDMEGAFPooSq3ZvoyIzRQ9 -6/dwUC0LDBvRoR6kHDAaMRgwFgYDVQQDEw9jYTIuZXhhbXBsZS5jb22CCQCo4V4I -rj0HsTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQCvRgu11LrF7G9X -yuvUwBZJ8FgjAMPwXQIAYg47tlvD9ZDiZgXVulWOm6aHpT520MjNO9f0oKpsrSsh -7bsO4GSkbTPgGekbw4P3JtXAvlBEB5uabpdmF37Pg9s7dU/MeXCElzWF+yLVAo7o -Hj1UlENxh08FzlErNw6Djy2FZAADeSZ3LmHUl+50rrp5/DxrEhkHFm8dTTjFVPnK -KrnYLM8R7+v2Ysk6hTy4kwyiTKVZurK7ELRvS0RxWhtbVCXJ2HS1lv/LgEH1hyIP -SwvyZ25JhcGrBAL/jpzTxdDEGsPfUSVfrUhrhDWxg0dzY+ptwdTWHqxyR2YKmOgU -dKYIz/nK +MIIDFTCCAf2gAwIBAgIUIWnDZc2Ul/6Jjwl1ebxLY2X2WW0wDQYJKoZIhvcNAQEL +BQAwGjEYMBYGA1UEAwwPY2EyLmV4YW1wbGUuY29tMB4XDTIyMDgwODEyNTUwOFoX +DTMyMDgwNTEyNTUwOFowGjEYMBYGA1UEAwwPY2EyLmV4YW1wbGUuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0u67vlS3M+Camru1bEbatPmfJaya +Ovjr0tRzRGzos4V2x4S/j5FSM9a5K2aOaR8LzGlVqAzbBrweY0JJ4BeHmC8istkq +0PPyVYb8w3oLyORwIOF+MxMoHyAGUgzQCPe4uSiqEU3nCtKQlw+MtDuMRYRQMh/M +45AmUot4ZirAmkZd7UmC6HTPFMHVTmLaquvmuLV17278zKN+g8d2HRQRaSGBLVF4 +mScwulQJdpoDWdRljpa6oe6pzXjzMqcNwQd8j9zJefs6HFo1xw8DzJUO86PIPzG6 +ZLRlOUvM/D30LBwQLXEDaGxy0Lu9z8q02JX0n0/S++tOXPVB+8Q5hNtTiQIDAQAB +o1MwUTAdBgNVHQ4EFgQUZxCwBVEPiTUcnU6bSGQaALZdPP8wHwYDVR0jBBgwFoAU +ZxCwBVEPiTUcnU6bSGQaALZdPP8wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B +AQsFAAOCAQEAeVbg19gee+RkL8KMRshCllk2PSnAm6GqSqopAzaJqQg26r+rPWdK +LAelyB6h/UegXzFY7D59jURoAES29Bftje+OCxVoeYVamDj/1cqqdspmTdBfGj8e +25ys++7fl0DLTmGbpLjDFkVw52o8KF56EdZ26ZSHVCqurQACF6BmSed23NasA1VL +a7HErJv78gR0vIDIsJfxFic2ssEkuAOL1vVTf6sJtc/mD5Q7R/inDsn2kl/7/sfo +JRMsUvqT9glNKnrr5vLPwJGhEcS5WgpWdsFD0elB3GoHYJen8EoHYZ+gANPa2rSu +AiwDPiHEPM9AFUZA9MQMfzsXobZP7WElWg== -----END CERTIFICATE----- diff --git a/integration/fixtures/https/clientca/ca2.crt b/integration/fixtures/https/clientca/ca2.crt index d4be4b48e..6828076bd 100644 --- a/integration/fixtures/https/clientca/ca2.crt +++ b/integration/fixtures/https/clientca/ca2.crt @@ -1,20 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDMjCCAhqgAwIBAgIJAKjhXgiuPQexMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV -BAMTD2NhMi5leGFtcGxlLmNvbTAeFw0xNjA2MTgxMzAzMjJaFw0yNjA2MTYxMzAz -MjJaMBoxGDAWBgNVBAMTD2NhMi5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAMx8S4U3tdeMGn1NEUNWCmD7pIYUCUhtORrn2rqF5b2M -ZQJZXAIfWJ7KrGjn8W7KPx8/V2FREHF1Z6v1fpB2rfCIFo97HszhQEt6lduKup2j -09ItpFjec7RahwaMksYDwl4PaxgKe2OYdLFJ/QIv8+I01vWPXFmHgZkBHQWhR5nV -TvGM6MU834e+PXxCXfcaC8VYpbHYKYxHmM5Sxa5V9WlppBBshB0OL+KrCPXwPqHl -StZPkG2p2qJUjCZ38uDx605RYaORZ0eDhrKj4M3lJzOTTcC4I77BzTb74+GcRT+R -lJMrWrS22jNZONnawBdbTWIFM4PzaqVvE7qVwZK1M5UCAwEAAaN7MHkwHQYDVR0O -BBYEFPooSq3ZvoyIzRQ96/dwUC0LDBvRMEoGA1UdIwRDMEGAFPooSq3ZvoyIzRQ9 -6/dwUC0LDBvRoR6kHDAaMRgwFgYDVQQDEw9jYTIuZXhhbXBsZS5jb22CCQCo4V4I -rj0HsTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQCvRgu11LrF7G9X -yuvUwBZJ8FgjAMPwXQIAYg47tlvD9ZDiZgXVulWOm6aHpT520MjNO9f0oKpsrSsh -7bsO4GSkbTPgGekbw4P3JtXAvlBEB5uabpdmF37Pg9s7dU/MeXCElzWF+yLVAo7o -Hj1UlENxh08FzlErNw6Djy2FZAADeSZ3LmHUl+50rrp5/DxrEhkHFm8dTTjFVPnK -KrnYLM8R7+v2Ysk6hTy4kwyiTKVZurK7ELRvS0RxWhtbVCXJ2HS1lv/LgEH1hyIP -SwvyZ25JhcGrBAL/jpzTxdDEGsPfUSVfrUhrhDWxg0dzY+ptwdTWHqxyR2YKmOgU -dKYIz/nK +MIIDFTCCAf2gAwIBAgIUIWnDZc2Ul/6Jjwl1ebxLY2X2WW0wDQYJKoZIhvcNAQEL +BQAwGjEYMBYGA1UEAwwPY2EyLmV4YW1wbGUuY29tMB4XDTIyMDgwODEyNTUwOFoX +DTMyMDgwNTEyNTUwOFowGjEYMBYGA1UEAwwPY2EyLmV4YW1wbGUuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0u67vlS3M+Camru1bEbatPmfJaya +Ovjr0tRzRGzos4V2x4S/j5FSM9a5K2aOaR8LzGlVqAzbBrweY0JJ4BeHmC8istkq +0PPyVYb8w3oLyORwIOF+MxMoHyAGUgzQCPe4uSiqEU3nCtKQlw+MtDuMRYRQMh/M +45AmUot4ZirAmkZd7UmC6HTPFMHVTmLaquvmuLV17278zKN+g8d2HRQRaSGBLVF4 +mScwulQJdpoDWdRljpa6oe6pzXjzMqcNwQd8j9zJefs6HFo1xw8DzJUO86PIPzG6 +ZLRlOUvM/D30LBwQLXEDaGxy0Lu9z8q02JX0n0/S++tOXPVB+8Q5hNtTiQIDAQAB +o1MwUTAdBgNVHQ4EFgQUZxCwBVEPiTUcnU6bSGQaALZdPP8wHwYDVR0jBBgwFoAU +ZxCwBVEPiTUcnU6bSGQaALZdPP8wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B +AQsFAAOCAQEAeVbg19gee+RkL8KMRshCllk2PSnAm6GqSqopAzaJqQg26r+rPWdK +LAelyB6h/UegXzFY7D59jURoAES29Bftje+OCxVoeYVamDj/1cqqdspmTdBfGj8e +25ys++7fl0DLTmGbpLjDFkVw52o8KF56EdZ26ZSHVCqurQACF6BmSed23NasA1VL +a7HErJv78gR0vIDIsJfxFic2ssEkuAOL1vVTf6sJtc/mD5Q7R/inDsn2kl/7/sfo +JRMsUvqT9glNKnrr5vLPwJGhEcS5WgpWdsFD0elB3GoHYJen8EoHYZ+gANPa2rSu +AiwDPiHEPM9AFUZA9MQMfzsXobZP7WElWg== -----END CERTIFICATE----- diff --git a/integration/fixtures/https/clientca/ca2.key b/integration/fixtures/https/clientca/ca2.key index ff9d9771e..260a8ebb1 100644 --- a/integration/fixtures/https/clientca/ca2.key +++ b/integration/fixtures/https/clientca/ca2.key @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAzHxLhTe114wafU0RQ1YKYPukhhQJSG05GufauoXlvYxlAllc -Ah9YnsqsaOfxbso/Hz9XYVEQcXVnq/V+kHat8IgWj3sezOFAS3qV24q6naPT0i2k -WN5ztFqHBoySxgPCXg9rGAp7Y5h0sUn9Ai/z4jTW9Y9cWYeBmQEdBaFHmdVO8Yzo -xTzfh749fEJd9xoLxVilsdgpjEeYzlLFrlX1aWmkEGyEHQ4v4qsI9fA+oeVK1k+Q -banaolSMJnfy4PHrTlFho5FnR4OGsqPgzeUnM5NNwLgjvsHNNvvj4ZxFP5GUkyta -tLbaM1k42drAF1tNYgUzg/NqpW8TupXBkrUzlQIDAQABAoIBAGFMg2LQL2Zw8+nL -UfuIZUfgdViXEBO2ZQW4bQtzyu12cFm9y1n3MGPebEs+klL1STPFH/7eY8SY6MuZ -9K8oyXs6RgHfw7gZNk6z9bqROFrqKVBJB3qB3uxiZv1mxjASednn3D2EP1IUqPHz -EsCHsLRiECaoIHk5USFMtlKHe1pmmsvQrQX7EV9Qg0VSGvQlgxc/Pcg/WeB6uT6u -CS2serWpUE2dBUTJisnUuL7F5/3JbPEPbUG4eeTcO8IafvgdOgFEc5qUlYCFFai0 -fvjSabXrJO9QE1Huw0gyC/5FHlVr5x4aJ8NzPKcMRYqn7jpdwA0eyLyBo/KtPIbJ -6s0PFAECgYEA98cKuyaBXpPyG7/Y0C89Mzlt5+Qr0fpPksH6GEelPJVdhrdXP32W -66ROgCVZpf2pQeCCHfXyWdZQwEdSf+8ee1DJMSNgIm4Usqp6yIDS0iZ7pPWz0KSI -un/dm3lRE7hFMIQfbNf3rA0WD8Ani3c76eZruwQ5DNdXNOM+z1DN38UCgYEA00V4 -6UOCcA3romkXuIyeyh/tuJ6K1J3ApUxA+E42f4raSMSMgnlAwpL0Wmt11bBOmToi -UAtwFcTfJRJSOvfmM/nd66592FAV/D4xcDIiNGh4xNDi8LSKmSj0WRYPU3YjkdFN -SwI48LmQKMfj3P8fClazKsdcDccfO4pyhEK98ZECgYEAt8QZw1/1hw22/Lm2tgCz -JTCswNXLYjqBldjkAenxNROaf/WucdpVeoMr7YLGEIQnakJ2fn4QtmxrC5BaMaRJ -OTBbZ2RTQnXeR/yEf/x7X31HKrtIF7BP7/Ixi8PYTAXY2vjCzdkHScWS3S+opJlU -CE/rCpNBNLLpbMI1rVDCv/kCgYEAkP3/sg67yQ00prx7JBOVsl/hNK/R1YMCQC8p -838x1axEjGYfjDeM4zwZaKiRMPsTpgMIo2iGHtqCzh1Zw9B38znLPMD+6uJjhD5m -jXpKkS8VmvVEmi89Y0mBEFacZAoS9TLwWccHruWa8vHkBror4luIEJbLLUV3wNQO -LYjkdJECgYBcIjZ1iQiOmFL8lm/JlPOs2JcT33fjnubreHkiG42dZFN2S8D5MdU5 -JBP6IVVllPmbptw9T4wcw+bjVa0LQtQMGZLMxdx5nJp5dmFE0Pj8MjLpLy641Vlx -5sv2O+eRpt4yCiuHcuvDrKPGTyM2YqF7ilQwSC5Cfki155InnU2QUg== +MIIEpAIBAAKCAQEA0u67vlS3M+Camru1bEbatPmfJayaOvjr0tRzRGzos4V2x4S/ +j5FSM9a5K2aOaR8LzGlVqAzbBrweY0JJ4BeHmC8istkq0PPyVYb8w3oLyORwIOF+ +MxMoHyAGUgzQCPe4uSiqEU3nCtKQlw+MtDuMRYRQMh/M45AmUot4ZirAmkZd7UmC +6HTPFMHVTmLaquvmuLV17278zKN+g8d2HRQRaSGBLVF4mScwulQJdpoDWdRljpa6 +oe6pzXjzMqcNwQd8j9zJefs6HFo1xw8DzJUO86PIPzG6ZLRlOUvM/D30LBwQLXED +aGxy0Lu9z8q02JX0n0/S++tOXPVB+8Q5hNtTiQIDAQABAoIBAQCVRaORd0xLJzji +JdKnNKFUD49jzvk6oKvrALQuCVDIsruzSKt0A2iEDQHvx90iYXktCKI4khhydLCg +l+nF74Di3wCURwF47BpkEmpQP8+VNKxxaIKxzG3JURWH/U8/+Wc9iZyJMHNAAnGW +pcdySO3kyFUkk8KgjIPCSLdEvh6dTcQEjWmyFQAl5DCZZZ6wbs39EFGLtFXO/27D +nkrEyMZh1Lo5QbQjYyqhz3iJVenrc1yc2iubF+0N7iZk3xuMNhMMvbSN6YfcTYn4 +FaH4XwG0OdFUMzXeI9wEen+VA30uD464ovxbtpQrDOx7bZAHUy8nGp2zyflrvv7p +A8KparFtAoGBAOn21mp2qfo4XihkeawQ3i/eV3b4Aqfcl+sBq0AnOlTUfdCARGx2 +ciNXgHRwODoAqWf5PtDxzH3fc4EUQWDDgpxVJNMA2yOpCwzgNePzvdv3iTBkB1My +uplkh7pXRkLGv+qyDgy+On8xrHPhBBxMWogT57MXlmy4YYDEjAwGU+ErAoGBAObM +kxB/tZF0VbrZCpTdnjPBH6tR+w2IUSMkgvx3YRc9Lx5TYK+TFmMkDjG/enr88rYA +kMe6qBzfajfGZKhlaHyG/0rxnuvpJHUjD0XSpF97z6uzETjADMLcE6O48AT6cxZw +irpO4eZG0haobSsGlka6K9bMG3KGy75NHNAIdbwbAoGATMhZbe8rsZa2MANpevK+ +OG97vOt/058trE6L6S32ksh50eeGjSICK18YJR5/FWoKLrk5yFDSj6y5t27yVdNU +FgJLZ4QsZvOfUMZ0aS8g7AO83ki1rrRDUPwRHzJtOJUJfviYa84yXHPs6Mq8Ep1s +SKRfsgLXty57sUrPu1KITKkCgYEA5Ix8rX/pywoKwyaeheAYA2Qg+kQKedIdltFX +LK8C5EJgYIVsXzEmoDJaJAVbQmMt7fENbdt3EnBi/KxnjSIun/IG6K3wE+khgyWe +wCPhRfSTJ5IBYdM8T9IjWKOQez2Prg7wMaJfrOtAq9NJl6vEMHG3a9Ne8sBtDhvK +hm96NzUCgYBhgRVgTdkRN/mtvwwpCM6+uCKqcLxfzaP8WBPNjCpAnHUhtjTzIu6d +rV4KmY4YwP2hpPerHTAFFF0xIGmK8LFf8yYgHZfGmU4RyXkcXPy5V/W+9HoL3BZJ +taP552nYQgjHYS8a1b0S1KOZdi9aD1XkUAr4yYY4XjtQOAnxxV00ng== -----END RSA PRIVATE KEY----- diff --git a/integration/fixtures/https/clientca/ca2.srl b/integration/fixtures/https/clientca/ca2.srl index c031015d7..4de48e6c1 100644 --- a/integration/fixtures/https/clientca/ca2.srl +++ b/integration/fixtures/https/clientca/ca2.srl @@ -1 +1 @@ -9EAC6D05226C2216 +9EAC6D05226C2217 diff --git a/integration/fixtures/https/clientca/ca3.crt b/integration/fixtures/https/clientca/ca3.crt index 4271bdacf..4bcd0a398 100644 --- a/integration/fixtures/https/clientca/ca3.crt +++ b/integration/fixtures/https/clientca/ca3.crt @@ -1,20 +1,19 @@ -----BEGIN CERTIFICATE----- -MIIDMjCCAhqgAwIBAgIJAK/JGxwwmv1jMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV -BAMTD2NhMy5leGFtcGxlLmNvbTAeFw0xNjA2MTgxMzAzNTNaFw0yNjA2MTYxMzAz -NTNaMBoxGDAWBgNVBAMTD2NhMy5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAO0B9iUp5w0m1NWC9QYWhxSE/emmmKcx99DWnzKZoIbj -TSRQtyhx+9c2z1dYAFZQpdVRSKQFn1IO8s51wlIc01KLFflz4EvSfAKZiAnkOOez -wzVQ8JWgKfOJV/ZctFPo4xtdhQmO1+U+YgSfU0ASEhHvHbIPTUJNRTfkJsGygq4q -/p9uA1TsjM4bh6AkiD1OlGjp0lbkzn3LLYpXWvgGsuejsdVkJS5pn2NKjkqVhhEg -g7hKKqm8Nc3mb+vGhw/fNppN/xeOswpMPaW77LppyFoDd/OmqqWrbzn2Fqw1nELh -zfo7AkKPyRm8eU3wSTIdmaXx1R5qPjqEmYrrDZ2HXa8CAwEAAaN7MHkwHQYDVR0O -BBYEFMR6dBZAeGgkxwSC/62xGwLEdXCdMEoGA1UdIwRDMEGAFMR6dBZAeGgkxwSC -/62xGwLEdXCdoR6kHDAaMRgwFgYDVQQDEw9jYTMuZXhhbXBsZS5jb22CCQCvyRsc -MJr9YzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQB3VgvPnLEEfbj4 -Z61q8oKneklZV+WpDyWSodI6M1l/0pXJCTDRROJ37KaQHLJRQo+rMJiYKvQkCU+y -9JhLdRdMEzy++9hIWiNbDiy3BNMUiQOS1234WVFBosQ6uXNhXbL/Anl4xgiFFRZG -FehjPo0XRvxmBHnrnE1Rce0EmU/1bwVglu8e7mG5bs0gQrXTRlTkxvucyi+B6npF -2vuzxj4q+KgeEYURxCt95JoULtMY2c0VifcdweYDO/2sYEhOVi1N+PhPvZxJD6vR -CxIuT6K3nRe58b1J/f7TH/dvURIb1mVG8+EDQVqa1bzH3JfytsIVG5VL1hppQlgZ -Y0G4haMn +MIIDFTCCAf2gAwIBAgIUE2XAk+pNqunIIlDljfERtUQU22UwDQYJKoZIhvcNAQEL +BQAwGjEYMBYGA1UEAwwPY2EzLmV4YW1wbGUuY29tMB4XDTIyMDgwODEyNTUzNloX +DTMyMDgwNTEyNTUzNlowGjEYMBYGA1UEAwwPY2EzLmV4YW1wbGUuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrtum7YU8772bC1PwTYoydk7dj0Z +Ku0JQ/rNnesN/PG7vUmdidz5s0j181MSdogyT6tf/w0derMVwBtu1SR1eF1i0Cm2 +5MCEAn8rAz+S2DpLitM+VrgqjJUEzyAhQyGT0nXWXObU2Y483fvC59iJklKGYje7 +ezP7cfMJwOO0Ox4NRNY05qKWoLjwWvn7gGSrXeeuoJgwTpPe+aZOEi/Hf05jb4UZ +KvJCd0SGrk4NU5PmXL7x6NjskXBDwM9hgRTvKM8J9chLqcAoq1bHJUGdIshDY190 +ReRxMSMskF3VNkTWUiOgDdRTsD8DwB4LLXPPImntwOPGo+JmIDaLAMVtZwIDAQAB +o1MwUTAdBgNVHQ4EFgQU8DqrLr9VwRwdc5T6L2JdkFQu6/wwHwYDVR0jBBgwFoAU +8DqrLr9VwRwdc5T6L2JdkFQu6/wwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B +AQsFAAOCAQEAplcU42Wu+cLahP5bfvDFfLR9DkSwKZH1GizByMT7g0AqfZdvGL18 +vmV8K/SRd0VKsfrjmOHtgkEM9xbESyIAWZmPNcSu+oQOr52TKSh5p3IXn53KT+Z2 +7xM0yWXSRj9UERmuA3SXYjBRUnFp6GGelsOGRjT4nExIWanGif7U3oYVle9hBucH +5eLn+nhEausv2vGI18Lx4N25/7ieIryWcwlkvGtRl0rB5Pcp75BnSOFeN7DXhNLm +zmBD5SQHLDBBnVNI9/JQm414yL7o0/NHQzoGLnvCCJYUk8i1IxwFgS5XC9aQrI+H +0r/OlDjA9zI+n9QpmYPhjAoNnNeUgCg58w== -----END CERTIFICATE----- diff --git a/integration/fixtures/https/clientca/ca3.key b/integration/fixtures/https/clientca/ca3.key index 75a7db6e6..49d0356eb 100644 --- a/integration/fixtures/https/clientca/ca3.key +++ b/integration/fixtures/https/clientca/ca3.key @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEA7QH2JSnnDSbU1YL1BhaHFIT96aaYpzH30NafMpmghuNNJFC3 -KHH71zbPV1gAVlCl1VFIpAWfUg7yznXCUhzTUosV+XPgS9J8ApmICeQ457PDNVDw -laAp84lX9ly0U+jjG12FCY7X5T5iBJ9TQBISEe8dsg9NQk1FN+QmwbKCrir+n24D -VOyMzhuHoCSIPU6UaOnSVuTOfcstilda+Aay56Ox1WQlLmmfY0qOSpWGESCDuEoq -qbw1zeZv68aHD982mk3/F46zCkw9pbvsumnIWgN386aqpatvOfYWrDWcQuHN+jsC -Qo/JGbx5TfBJMh2ZpfHVHmo+OoSZiusNnYddrwIDAQABAoIBAD87j71YkaFro8sX -NmIabo2l8cx9uyqYZUKdkDnCzRZP3Iv80PEEgClqISVvgB+HQsdH+XZxXZFaFaPJ -vT+FG0hhfUphhQ0VqipTZf0lm50N094MqzNwWOD12rcLAr2EW9s4Nz9WkflCjIop -K9/jMlkAj86q0HUJApen0kNJah4nLPnkqKC9BQipGe2goERHA5N8MS/k/ODJrOzI -qdD77wE5oov5sIePsGp3zCKNw89qoVTfkH8eYos6lPsAibYfgm5z7LwEtfe0ZizG -myQfAYZx3Orl2eNxAb0c1dw+hNYKfeNAwn6h4J8AKuBHawZMb2ztlTj0ZludrhQC -VuwAcrkCgYEA9sFsszjoSO8pXDnbaQ8UNGwy+C1t0fcZIOxIebKPcfipGio0R9vr -SXEEfRQb+YdIFkQpe4hwAHt1Q75zh8z+oOTq8EHprxAwI9bzgyaEIHtGibvs99XT -iWSPtL274CISiwSL8NzMl/orD6sDhmJqiXhwtf2SDubUJu3gz13CeRsCgYEA9eMM -CYiOc4wLxKqyCqe3R86vnBFVauxp9eq9XTLvD+XoGqOksXupP8rE0jx26ILmKiQZ -z99MGJoQicEpo+BW3L9wr6OJQZSrs+NqWCxlmFRJL+p3sw53B4zjgYaimNl5KH4G -8pn7XbyRXtqhSBQ2kuNrkVI4SNxdEi1K+PoZ6v0CgYEAkwVcRsy5WftloVW3rTkW -yMVO+R/YNyoLBtrBtAD4BugpmTVcQRR/dBqqmfvJTzuTb/Dc5oW8dg0ZKWvoWhmB -/Utn0A71tSDoDfKc1J+2ScQpmxclceUtTMdl+EK0Fi827S2gU7q7DDI6RfOW/hLV -d2MThNu4krhl32wMboFmxdECgYACwAhZbvKQ7kcPaw1Uuy18mx4xs6vt5zkELBz0 -Fua/mcWvzpa/+W8aLI1pAI4f6Z7jZ8X2Ijw6pjZ7I/LwR0kRbP64qC6X0i7dczS0 -ScLVIlQzOf8evJGuPvAoebYF2aDWSBqRyhEaqkpB8lYNdVRq7io81NuWTQipdGI7 -SKjTjQKBgBNSbDUWS2CAc+fsM/fBvYHKgrigVcKyvWwvb5LRXpWgPQH4LbqhG4uA -g/mFTB5B1UBg9exN/dX6uegREdRA1/X+jRAzCqXYTFESo0/UrJhJQZ3waFKJ5PZK -WChrSl6Lg5IMF2jYP5W0HwzbPPgRGibyELYBS5gZdAZpHgZToXeT +MIIEpQIBAAKCAQEArrtum7YU8772bC1PwTYoydk7dj0ZKu0JQ/rNnesN/PG7vUmd +idz5s0j181MSdogyT6tf/w0derMVwBtu1SR1eF1i0Cm25MCEAn8rAz+S2DpLitM+ +VrgqjJUEzyAhQyGT0nXWXObU2Y483fvC59iJklKGYje7ezP7cfMJwOO0Ox4NRNY0 +5qKWoLjwWvn7gGSrXeeuoJgwTpPe+aZOEi/Hf05jb4UZKvJCd0SGrk4NU5PmXL7x +6NjskXBDwM9hgRTvKM8J9chLqcAoq1bHJUGdIshDY190ReRxMSMskF3VNkTWUiOg +DdRTsD8DwB4LLXPPImntwOPGo+JmIDaLAMVtZwIDAQABAoIBAGG+fdhjGgNkHstS +6ZuGpXiMqaOx+AM4SAecJCuj0tZdj40KwjLdx10Qgm1UWi6ub557mp69gnEh/xfR +AMYAuCnV67HQs/vw6afP5YrSpF2K9rk5BFVUfpDXx7HqIlFAVkXUH08m3Yi59bij +3lr9ma+dtIj67ki0QoNy1lDtz+OFNkwOcga+Z5hMphJIBjL0kxO5AFPYdm6D4qBU +vpryujop5N0nCiN9FMtsGTDSBR4Ytz1gTYnYTc+1cLZ+u3/+x7hMVoEhFzaR0RQN +1KXJE/1kwlz4kIBpgYcI0+Rh/kfQ1RWXgLej1NOex5d4RB7a2wH/Kg70JdPzwGKk +kk8rhzECgYEA3CtpwO267FNGqghk0BEp0J07PLvcQjeRR1rCxRYXb/9xMEtW6p7e +OEaVT9P8yXs4hWExWcQIIUsyK01men97lSbV+5JOT93KZwQpeLUV0QwhE0srZ43M +dCAQEOIy7yyvW4DnB4AWduRHiSkiS3eHpe393YqoSrYmkp3jzDz90YkCgYEAyysH +gfb175iLtfc0Lkww+TW/khmE8BK8AEy9SktgZ3Ey+jzEkgkrGjLNDg1jjbzC/uZ0 +OBQ9QwRbb0iZ/DVOMI6CoK1RBP7ddyV7+Ie/TGyCchBZGshn2/3umiALo3Tzv+Oh +7fes5Aq19r5zpB7QEdkXc4A297pM9NXvzgnFO28CgYEAm5t3R+r9dK+6vsvl7IRk +6FNoHZmsp4Q8gpDsHX1qnTaN2hM1X+deqamBOAVcoU4ceXBi/82j7VwHHkG7DxLw +1k63Z/FUte/McJipcu2ReMk4yzkSeULn4J8Um8ozM4WCfoqRPmTR+7+Fq7RNz8aw +MZ8OELlCDmPEyVUcPipRPfkCgYEAtNtlH4icfeEp3Z5l0SD6J551HrWg5aWHviyS +BOT8uJjIbIJT6jxHJlc6utuoV7BFVWwI4TMDJflm+7WBfkZliEwUdLxUd0H6G+o+ +ZYtR+9JMfQWYjIMCEZAHKySDt8qQga09pPzp50axnSkFAIB9cKX0flkQlY4+m2Um +yB9id/kCgYEAn3f8W70IS+IB/B1p4v38FFF6MRLcaio7G1favMw8mZU/k0B4a0yh +fMHANkv0XQHvpw+KBbikK3hvQF4iaBE62mMaULKaJ/D7npzyJpYrgIkx1dYiqL5O +KnMLaUmTpvyksSztyaPSytoQCKV03XeIUGGAPq8KpDZOB0oy1arFIL8= -----END RSA PRIVATE KEY----- diff --git a/integration/fixtures/https/clientca/ca3.srl b/integration/fixtures/https/clientca/ca3.srl index d4228a51e..bf27f6b0e 100644 --- a/integration/fixtures/https/clientca/ca3.srl +++ b/integration/fixtures/https/clientca/ca3.srl @@ -1 +1 @@ -813218563E2DA0DE +813218563E2DA0DF diff --git a/integration/fixtures/https/clientca/client1.crt b/integration/fixtures/https/clientca/client1.crt index 506d5ca30..204f1ccbd 100644 --- a/integration/fixtures/https/clientca/client1.crt +++ b/integration/fixtures/https/clientca/client1.crt @@ -1,17 +1,17 @@ -----BEGIN CERTIFICATE----- -MIICszCCAZsCCQCD6B82WZ9D/jANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9j -YTEuZXhhbXBsZS5jb20wHhcNMTYwNjE4MTMzODQ0WhcNMjYwNjE2MTMzODQ0WjAd -MRswGQYDVQQDExJjbGllbjEuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUA -A4IBDwAwggEKAoIBAQDH75aclHoZkQfmeH3XpapxyF2/K73SpesY8Y8I3B33WnQc -vIy5y554pPJMtGH3ZwiN6ifo3TBEs/2WjSOWYwxfXh3utllYArApelSgUrI7SBkw -0MqVm9NG+X9cCTeWsCf+nldHOCnCARuyBEpLeRDPVlNmfgdNK2ar0KqqEPnN5UV+ -k968nAuqSDtRL7Yl7R/uxEq4MglM/ocxOpGIrLTFh1eclPVaQ/dNsEJpkrnYQlFZ -aI1sWDzWoqtpAO15PgBBNnkW9EJGrF8dAds64U2jYBZLMKuHwvuERkEgOKEdUrB3 -uu1dWJxS5BCumWM1C3xs6qsLeonWxZ5GXjjWObZNAgMBAAEwDQYJKoZIhvcNAQEF -BQADggEBAJKME0zm/0eokmXMCLJhKYgm8hDKOHKRFRZl7vwy9SC9cwhdlhcPEeeP -5M+dXQCtEQWgo7phoJX8nBipZ/Y0lsvDD/I3XucIkUlbOW4rk18L83nBIN4paKzW -I4CMJ6FQ72thP7L7wC/lzp3+qUCxmcpGjw9pkU3b1pQPkxBfOvfGtRFMG6E5+xj/ -MtL3owJzpIH2f7vtmIszBPcgFWpvB0Sq0eJ+TwuC1huvcnmP+YZ7Iz0JhsSRw+pU -yiO9ByItBbGfK8x+DfUwCVsCL7vNscpjvTCgT3x2FNvS+XmiHZmZtpRGJPzvdI0m -Bd615VD5z+SoG/SiemqDGmt2Ank/zcI= +MIICszCCAZsCCQCD6B82WZ9EAjANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDDA9j +YTEuZXhhbXBsZS5jb20wHhcNMjIwODA4MTMwMzMwWhcNMzIwODA1MTMwMzMwWjAd +MRswGQYDVQQDDBJjbGllbjEuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQDqLbCPwvQFGcxCDL4Q/ccmd4OsHYkFNuGt6teqGPuFBphx +7BUdPB3Q8A4SK5pX4m8YbXQeB563Q1PWW3Sx4sDtZA+vmkq5bOaFXnrDULGHAwAX +4SiLcqISKOnO/Bu8h2L8LOjL5eGJUKON0zfSP5/NHS0kDG5auiTfsStzWJd99kxj +CZKsSHfxzWwPQRPle6g0UHF2n+ezF2D+dXQorkECsVyAUB5vaN2lX6e6Sb3r0j/C +UaqMrnVKzTQDaQxzi2R2BnRZ22VaA4dDVk9ZCnm4VbFHLjPIroyIbxF7yqhY2E6y +GkyxLo4squP1xm85pM/aNbCCejZuuOKOywmOn8TbAgMBAAEwDQYJKoZIhvcNAQEL +BQADggEBAESVbNkdM6p3MJ6Mvf3Wkm3wRXvdEx5RZo1VKqpNDga1MvNqdN5GBMH+ +dmzMHuIgFAIuBbpdDqf1qkOTYm8ZuJib6fbUym6KeRY4VfHiYhB12OC4m9szXU7W +/9/KkNrZ+mufslqpILkeH3gTyV21q5OWw8c2DESTOhRwpTb3n4Wl4H1p5c/2Q4CA +2p0wgeF/ccAf50cmWMVL3Itg5IuuTMxfsobk/yukiYzjSfOuyC6QxxrbHYnX4QmT +smMwpA3fqbMOE5ix0HiW1oBfMENtKltcJ2VyGAVItVq+/yrOFIjgJwSQGZygeN+G +lCkaLE7P3IOohkZc/Oo7rlaImVQ+wMc= -----END CERTIFICATE----- diff --git a/integration/fixtures/https/clientca/client1.csr b/integration/fixtures/https/clientca/client1.csr index 8d293e80a..79b5bf8e0 100644 --- a/integration/fixtures/https/clientca/client1.csr +++ b/integration/fixtures/https/clientca/client1.csr @@ -1,15 +1,15 @@ -----BEGIN CERTIFICATE REQUEST----- -MIICYjCCAUoCAQAwHTEbMBkGA1UEAxMSY2xpZW4xLmV4YW1wbGUuY29tMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx++WnJR6GZEH5nh916Wqcchdvyu9 -0qXrGPGPCNwd91p0HLyMucueeKTyTLRh92cIjeon6N0wRLP9lo0jlmMMX14d7rZZ -WAKwKXpUoFKyO0gZMNDKlZvTRvl/XAk3lrAn/p5XRzgpwgEbsgRKS3kQz1ZTZn4H -TStmq9CqqhD5zeVFfpPevJwLqkg7US+2Je0f7sRKuDIJTP6HMTqRiKy0xYdXnJT1 -WkP3TbBCaZK52EJRWWiNbFg81qKraQDteT4AQTZ5FvRCRqxfHQHbOuFNo2AWSzCr -h8L7hEZBIDihHVKwd7rtXVicUuQQrpljNQt8bOqrC3qJ1sWeRl441jm2TQIDAQAB -oAAwDQYJKoZIhvcNAQEFBQADggEBAEZ67vahAVydtW6LTXFI0cVY88vqunCWpOzz -UgJAzUnWG84CGDiyezj/llv/Nq3YbEEpBuxp/prOEwrJXAi/+tjx7wCh2iLJDqo2 -aNRUiAvR/XZgafxq4NUrAze70u7BWR3QX+XSaxmIEEX1z1KJDGTfY6tYpCZNlUr+ -/Hl6MXwlpWX0WR26zIrjx5u0dEsY4pviN6NxTZRQJxbQO1H1wHr6poVngOhIdErp -h2ZcqvTcASTkIEdKR6R8E2iYklgxIHNLWKaHZ6aBqW7lW17WKNSiGPfPVAtFhUTk -tBmgdVreAwMj+AdaweBVt0uBqb/9UKhqNThEnh4kJn1I0pMJzP4= +MIICYjCCAUoCAQAwHTEbMBkGA1UEAwwSY2xpZW4xLmV4YW1wbGUuY29tMIIBIjAN +BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6i2wj8L0BRnMQgy+EP3HJneDrB2J +BTbhrerXqhj7hQaYcewVHTwd0PAOEiuaV+JvGG10Hgeet0NT1lt0seLA7WQPr5pK +uWzmhV56w1CxhwMAF+Eoi3KiEijpzvwbvIdi/Czoy+XhiVCjjdM30j+fzR0tJAxu +Wrok37Erc1iXffZMYwmSrEh38c1sD0ET5XuoNFBxdp/nsxdg/nV0KK5BArFcgFAe +b2jdpV+nukm969I/wlGqjK51Ss00A2kMc4tkdgZ0WdtlWgOHQ1ZPWQp5uFWxRy4z +yK6MiG8Re8qoWNhOshpMsS6OLKrj9cZvOaTP2jWwgno2brjijssJjp/E2wIDAQAB +oAAwDQYJKoZIhvcNAQELBQADggEBACOz/5DF2ViRsYPDIaffzBKcnqSDI5Z8k3C4 +TsWukD2PywYErdDFx6lqcIk5u66JK+wEPDHkLgdIqy/NjSbgKwOOpRheOX8QtD4C +VVK92T0lmFBcITLToxKnaRvX8udLiQQgmGdJ2XHNSkbkOkdRsGJX6iD1s9TcQ4cY +NV2s7M2HlOxyQH4bXcYyeH0YKHep0mdKssh17ppRRQ4kClubderZqulCCAjXvrpV +hM0/qqPBQd6MO0bWccSBUkl0+ZhWCIxaYEEaTKTsAVeoErT+5qufLgpKVGnYsXS0 +hl3KU4E/NcyRl2gUy+T9467r2OdfojW1swxFpj6i2Kf1HKtsxqs= -----END CERTIFICATE REQUEST----- diff --git a/integration/fixtures/https/clientca/client1.key b/integration/fixtures/https/clientca/client1.key index 394e64e03..5a365b802 100644 --- a/integration/fixtures/https/clientca/client1.key +++ b/integration/fixtures/https/clientca/client1.key @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEpQIBAAKCAQEAx++WnJR6GZEH5nh916Wqcchdvyu90qXrGPGPCNwd91p0HLyM -ucueeKTyTLRh92cIjeon6N0wRLP9lo0jlmMMX14d7rZZWAKwKXpUoFKyO0gZMNDK -lZvTRvl/XAk3lrAn/p5XRzgpwgEbsgRKS3kQz1ZTZn4HTStmq9CqqhD5zeVFfpPe -vJwLqkg7US+2Je0f7sRKuDIJTP6HMTqRiKy0xYdXnJT1WkP3TbBCaZK52EJRWWiN -bFg81qKraQDteT4AQTZ5FvRCRqxfHQHbOuFNo2AWSzCrh8L7hEZBIDihHVKwd7rt -XVicUuQQrpljNQt8bOqrC3qJ1sWeRl441jm2TQIDAQABAoIBAQCtD942uu7VooxM -GpATUfsvclhzWdF9vNC7TpyY9q+ZpFpNZYgKaw5JL73sV1dVZ4IoFT9mec+GKKag -4pqjWikjg7w1HPJJFEqYHKOUAwDz/3yOnKw+xBslnGF5sSDE9sYnx7eUljDPFVZ7 -yOrmWW0Li5W1afG4ApFkt8KCYx9X8E0Mren2nfqoobM2l2LKFcF1Xs+M0iUAOoeN -ojS/NTvxjZibm92CMblp7x6e51y+oq3TJFoUwFSAj3U26jyubL5sYpJeAeTxyZg6 -Y+UcEGmCpW5gsZSvRxvNxzCS4bCl9KOZXvyFtcVswHppfTynba6x8hDF7LkfJS7H -z/Ut+e+hAoGBAO2d2M2316eBpwP7x99DQSFpg7E/emdcfdRuHDEonBeJr2X2Fw0a -O/ZtUxcccovy4wrJcqiZsmjqetRUZ6ymsOaaASsPG21ChegFjm9D6+ZtejHpbuo3 -8HQ//LW7hqoiRQh3ODihfYCTwwxIIuwAdUzoxpM9Yu57Zg7reYuNh48LAoGBANdn -c003ay1cq1fuuDJKENj10UZGotRdBxt+X1A7MhpMAqSaYJ+V2XOXpuMbIiX/qDfF -M4hcQhJygoCozNzsynztyIjpGtl57AG95igOi2Hah0OOMt/1Z9UwaukIaHHo8Tyk -sPZYoxBTstZcdsyHnGdU6n90SA9oYLBB89E3AocHAoGBAITR27M6FTCLl2jxn0qc -FFbx3OwB2JDYMXnBxr5vvbimfMWYpk/rnyLi/zQG8bxqmyCXdCDsML7WeqwfNgha -8L0lzotcGW+cZK9KE9D7/WvDPC+UFSyU8jJ45fBLjz2ghEf0JBf7pORvM/K0i9ix -dN/1qbH5+Ufm8Chc1Yb9KI37AoGAAbxDoYugwWzNtJenxD/0gsr4NKi9Bxj4xa/u -9KaFcNDL9KeJv79lURkXrxy42bWFlW1xTNfxcFSb2I2DmQQPXZJM202FedsRm7H7 -+LalSNSJ4nFy13sSqxUIx3fZ35EQ4HwzMMjmB2ulNTTpgBxXlj2I5h35tqYQoVrm -q/jVfGECgYEAkU0L9bp1NPMzXgVJ2Os1VPSzoOywUQfx4NCJhTA1oZR+20JFsQBN -b6g0q6xean0xDuXjDRrjPET5V/GPOQ7stAPTLtqN42XPuRcFzSNj7Skh+ALTP5JS -bNZgBMwxQsbS89bUjRTDlRK/isuNIyUn0Zn7QlEsZEvJw0cNR3wPOc4= +MIIEpQIBAAKCAQEA6i2wj8L0BRnMQgy+EP3HJneDrB2JBTbhrerXqhj7hQaYcewV +HTwd0PAOEiuaV+JvGG10Hgeet0NT1lt0seLA7WQPr5pKuWzmhV56w1CxhwMAF+Eo +i3KiEijpzvwbvIdi/Czoy+XhiVCjjdM30j+fzR0tJAxuWrok37Erc1iXffZMYwmS +rEh38c1sD0ET5XuoNFBxdp/nsxdg/nV0KK5BArFcgFAeb2jdpV+nukm969I/wlGq +jK51Ss00A2kMc4tkdgZ0WdtlWgOHQ1ZPWQp5uFWxRy4zyK6MiG8Re8qoWNhOshpM +sS6OLKrj9cZvOaTP2jWwgno2brjijssJjp/E2wIDAQABAoIBAQCMX8kH1DAcYqN7 +MFI6szVOzLOEV8wL8SME8tJGZ2VWD2cQWxkpBiFFXrDAmZySc+xucyX43k54woYd +54KjIy7M3n88nzuNvUbNyZ3DOLrCGL1UkyaPuK6IPjgxWBR0RZ/DVFRT7T/t5QW1 +fVhn0rXC6WtmwYDhJ9X0tSo7oW5mFTl5PvF8SG5W2AKjmgnub+NsUO+MGVHqoD+l +Rl2WIkX8tA1ZtHlcr21KoyPq53mRGThwPbhwUmoNeJdSYoQi6iqYQUVl9EufGgcp +QLZ40/qle2M6Lo9RrBNlDLUWg7zSTCiBgkVNax6gJeUffqIZJ0laz8/KEJVCLLrZ +xZwW9/6hAoGBAPv3RCF4F76kXuH2gsW95joLp0sV8XEG4GSWAKhQEMA2oYnnKnFO +zy+LxZ8e/nRG9DK59KKwn1luX2s5TNokt+S+7MbRUiCPCULW1yzD/QFLmIA2UOkD +8b3As29xmBSi7bulwgX0NAVEXT83pq4CY5SmmrIcZ0BvtYItYrIA5X7rAoGBAO3t +hKnh/EZvRQUQsOxpKrD1PKG/WpOoi4DCyaKgS1EDDDFPdBNdB25KSj+rrIldbbde +2V+wP+ozHrOfxguT4R1xpgTipD/t0tJA0vBX2M0VegI1arCgScxDl08nvpMtEFUK +H8lCQ5c98IPESKD3l8D4plXEGRPqNnCBad4l1bXRAoGBAKgjL9a5wfaYzywwiMGV +4E05u5BSe0R2V0UoCBZJH3R0wEU6+kqUUZOjzONLFnfXZVt4VbQ+8ocGLSxrF0q2 +l/RQJ8bgpdJOQNrWbM5Vlr7HiGN+W22zER0Tu2mRvu9+be/7Q8cfV5twLF1kMJkL +xRHMP4y9gXUxVkkhKiwohvyzAoGASLbHTZgIHoqRAGxKdeXqKyy3vAMcLnZbNB3T +u8TbX8XbqxJKOkS7KaTArlbMIysPhfQR4OGflvbKkkDpKM6oBPSftWyCoBsRzDoN +fXCLjJncsOIcWiCSjT+29XUDFD24eRTgBAUhXQ6L++k3/SHOGiajxyBoPaLdwmJ6 +tW7AspECgYEAhk0jBX8R9cAXXuXs89vkMMFNlDSA+FgeQJrTEh/Rl8Shvfq9dZGB ++QrCGMWPJLB/bK6xU5pARkA2arLY+3+fX+OvuOSSk3nV2lf72HHlkd1Lt8nnoTO2 +Wd9Lh6UaZt+sYsOOH35RgIMmAc6Lm1RC0JOamidqfk1LmY/pG03oAJA= -----END RSA PRIVATE KEY----- diff --git a/integration/fixtures/https/clientca/client2.crt b/integration/fixtures/https/clientca/client2.crt index a6ee942e7..d4be8150a 100644 --- a/integration/fixtures/https/clientca/client2.crt +++ b/integration/fixtures/https/clientca/client2.crt @@ -1,17 +1,17 @@ -----BEGIN CERTIFICATE----- -MIICtDCCAZwCCQCerG0FImwiFjANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9j -YTIuZXhhbXBsZS5jb20wHhcNMTYwNjE4MTgxNDUxWhcNMjYwNjE2MTgxNDUxWjAe -MRwwGgYDVQQDExNjbGllbnQyLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEF -AAOCAQ8AMIIBCgKCAQEA9LaFxeiG1qpBTUIEl2vxvojOSWR1xkayaGtGsXBuqucf -wifulsVC7dw+t7lW42pWutIuR98iflAZ9+tFX7TsEITNIyV64ePn9TF935LW2DFm -AFkqYdZcTJ4qOkdsbbiHznlaIDPbMhIZFd9L8NEhrDTHuTtCav3g5B5V4okJfeNh -iSpKm3WLHP6lFwG1RISLhHTCeIMFxer49iHiQ+A33TV2l0bQGcv4e1+OoRsXGKGs -3oY6RJZ0GqzjeYqoybsLGBvZPPd2e8nH3RZac66XHMexsHHTV7L2tpWZm+JunMRg -hMXONc0b3V9mbUdrjHY/aGDPADEevZA4LLztGUc3VQIDAQABMA0GCSqGSIb3DQEB -BQUAA4IBAQCFo6IXUznH/iSuJtWrMtMkJTEg7o2qKRDgFApzw1J2URdvyYery15w -6FddKFvkYhNLFl9Nb3Z8HLxruZrrItqwjR2kIG9lW00uxnwIcgwTibmwDQL5nr7m -1cWzelhY/TVwBpLXRMg1YOXU8NRkT1VjkTUCpyIETI8b+wed67MkrofOadaY+FUL -gk1F3yDKz35UYIKnlxKwvrdySE8WFza0PmiXQDtTG1moTpe1BDEK1b60vhfudMBK -9vhE8kTooF01+su9gLUcrjVknI9H5PHtXID7FDiZ/disIAaWqSQLuvg/Kvb/cAFd -PwTKgnJQVcTKXkz2leJ6fsvzYwlANob1 +MIICtDCCAZwCCQCerG0FImwiFzANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDDA9j +YTIuZXhhbXBsZS5jb20wHhcNMjIwODA4MTMzODE4WhcNMzIwODA1MTMzODE4WjAe +MRwwGgYDVQQDDBNjbGllbnQyLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAtWkvtUsFBD7REZmm8pUK0ZqOdIIpA5PJgqrrLQ6AOSJ9 +Z7RQq7BJv8f520FjswIQH4o9PdGYjm9JLSfiRto6hmwB/51BT9Km+WkdT+UNBGu6 +uK7dTbN3BUpei+dbzGxdmBagufQrlK9fkjIF80ZZXmE0c5weLUrhW+E0CPiFeJeH +oyJf9QcLu2GVmS0Yf3izsBhb0c6JxVG9ZDYiM+EspJZOf5ziSB5D4eEBwvYOzU7l +SwJBdfSYd91oLy2BSvgCgaSRJroANhD+PwBN8Jop7KIQ/bFgg7J/JFfZEWnh3GIC +OZsFUbfy+bk66HReoWdr7+0FsWUL7z7YFRuykJFPtQIDAQABMA0GCSqGSIb3DQEB +CwUAA4IBAQBHutUEmIdT2ZoLYs+S9eXYQlOe8R2ayPBnQTr+Hbb7YRSIeSAJUU/y +eY3GsPJp3nYa0gWMap6yb2n6pAdLXwqq75rnu82ktf1Y0dx3LBO7VOZ1LwIsn/QH +bDuH0RdWTGRkS0Bgnd/sSzalxMwHHl23rc0OQVtM4moxeOGs6UxgSZPpTc6nr7sr +D8wbIMLZjcIiyT+bQ94gVA2d90k50VuG78F0BOJ6DVbpfZQM33tDdiLuxWaR3vAg +dLZs0oscCGuIDUqW2vJ7jCzWqTOybsWLIzjSeOBQjOWKtofFgCt9JaccaAHeNVqC +6PYAQLes0qApVjAf0X0lcNrac9rUZame -----END CERTIFICATE----- diff --git a/integration/fixtures/https/clientca/client2.csr b/integration/fixtures/https/clientca/client2.csr index 945bc79ed..f1a0b092d 100644 --- a/integration/fixtures/https/clientca/client2.csr +++ b/integration/fixtures/https/clientca/client2.csr @@ -1,15 +1,15 @@ -----BEGIN CERTIFICATE REQUEST----- -MIICYzCCAUsCAQAwHjEcMBoGA1UEAxMTY2xpZW50Mi5leGFtcGxlLmNvbTCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPS2hcXohtaqQU1CBJdr8b6Izklk -dcZGsmhrRrFwbqrnH8In7pbFQu3cPre5VuNqVrrSLkffIn5QGffrRV+07BCEzSMl -euHj5/Uxfd+S1tgxZgBZKmHWXEyeKjpHbG24h855WiAz2zISGRXfS/DRIaw0x7k7 -Qmr94OQeVeKJCX3jYYkqSpt1ixz+pRcBtUSEi4R0wniDBcXq+PYh4kPgN901dpdG -0BnL+HtfjqEbFxihrN6GOkSWdBqs43mKqMm7Cxgb2Tz3dnvJx90WWnOulxzHsbBx -01ey9raVmZvibpzEYITFzjXNG91fZm1Ha4x2P2hgzwAxHr2QOCy87RlHN1UCAwEA -AaAAMA0GCSqGSIb3DQEBBQUAA4IBAQDHvJVKkKIqCWrJ9sZWQEYBaki76woJMjFW -Ihyd12mzNfUW25hqfk7stablqu+CM/DhwOqLkxQleGAlp0BFo1wBOUDOgfrH5NVS -9lAl7L/roEyRGH6V5/Hsbwi8zDsGOzWCuZk/gNGIZpB1c3TRXBUHsdqpz9FReDZf -0HRD/7CH8hl96ZQTqhHE6+ysHzBB/4CuqbXVtTEhH52FdzCOpt5X0D6Pl/3lNlVd -gMHAssoEa5E00XtjeJdxXuIKYbGLgldj6v+hHFX7k9UNveAXgYBbGtUQ9gA+uEf/ -qosVPEyvULj3aCJ8BSBulzPlhl9rNa/8Q1qUmzyCj28j3E4I22Oo +MIICYzCCAUsCAQAwHjEcMBoGA1UEAwwTY2xpZW50Mi5leGFtcGxlLmNvbTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALVpL7VLBQQ+0RGZpvKVCtGajnSC +KQOTyYKq6y0OgDkifWe0UKuwSb/H+dtBY7MCEB+KPT3RmI5vSS0n4kbaOoZsAf+d +QU/SpvlpHU/lDQRruriu3U2zdwVKXovnW8xsXZgWoLn0K5SvX5IyBfNGWV5hNHOc +Hi1K4VvhNAj4hXiXh6MiX/UHC7thlZktGH94s7AYW9HOicVRvWQ2IjPhLKSWTn+c +4kgeQ+HhAcL2Ds1O5UsCQXX0mHfdaC8tgUr4AoGkkSa6ADYQ/j8ATfCaKeyiEP2x +YIOyfyRX2RFp4dxiAjmbBVG38vm5Ouh0XqFna+/tBbFlC+8+2BUbspCRT7UCAwEA +AaAAMA0GCSqGSIb3DQEBCwUAA4IBAQCQQiJafbDXvE99jRB61vHVKYvyznpVAbKh +OJB5dXmfGfMmWMDN3Ci6w3+eLLHmz4Fg2s2vXzR0zKb5G1r+1Pj3a54shryrkAGV ++pFc2pneNJdYS6OpQZiv4i/ibPlXX4sYQwrxymkwdiAYekXQO5GxhKvZtRC+T4Sn +lEx8XODGioHIk0858/zACT1uhwYLuK3LS27DlLXKOEhJ/SBudmUrpq1Xjx6nM6A7 +T/4lxsWeqb5RTmcMIoFs+bwMMuwASP67itzRz2GAimbgxzW//gp9ZViO94Lwz5uS +4/d1LsX8pWdp2PR5H0JHpI+vHmEazXGzNmpFJIPOY/3uQuicv+lB -----END CERTIFICATE REQUEST----- diff --git a/integration/fixtures/https/clientca/client2.key b/integration/fixtures/https/clientca/client2.key index 59c676c48..bcd57b72a 100644 --- a/integration/fixtures/https/clientca/client2.key +++ b/integration/fixtures/https/clientca/client2.key @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEpQIBAAKCAQEA9LaFxeiG1qpBTUIEl2vxvojOSWR1xkayaGtGsXBuqucfwifu -lsVC7dw+t7lW42pWutIuR98iflAZ9+tFX7TsEITNIyV64ePn9TF935LW2DFmAFkq -YdZcTJ4qOkdsbbiHznlaIDPbMhIZFd9L8NEhrDTHuTtCav3g5B5V4okJfeNhiSpK -m3WLHP6lFwG1RISLhHTCeIMFxer49iHiQ+A33TV2l0bQGcv4e1+OoRsXGKGs3oY6 -RJZ0GqzjeYqoybsLGBvZPPd2e8nH3RZac66XHMexsHHTV7L2tpWZm+JunMRghMXO -Nc0b3V9mbUdrjHY/aGDPADEevZA4LLztGUc3VQIDAQABAoIBAQDRxjVetjoAgup/ -w/wToeEVqEjN+WRMmAYQJQXwzaTQtFgxI/IPJQJ+zLKm5CZrxJichdhOnCUBisD4 -GaLarElAz9baLiLsyWXqdoakxUePBKmf2s/OFugAdgVU+C0m0Wz5vmVX/ZwFjCYc -7dI3mc73xDcBvp7tAL1sT+Tn0PlmA3xURssiqC0J+4EtYzfHl1MvcQuU8JsVQjO3 -GvGWMr9EBO3oPa6yx3oWD4dn7xHLcCkuSJ6arIvASEaTyPg0Iu7roPrC7AXA+oGq -+fbzJMqYZW6pMb8HZmxMt7X/srEq1kiyMYFy5fr+aun/vQ6596xjfFroEENJQY96 -+jir0biBAoGBAPutA9/2yo/fchRWLgpsWZ1SLXRWewFYqxlA7DluYXvqciYCXuKe -S/+gLqHklHsc8YUwbEgW2oI9GPJ3iQps6XVNBaF9GvGjSrA+R6Ha3IT9ZUgvN4/d -WOYiNRw5+eZ5PfxTufNK6EwXNwKR/siGEnWJ8AH0oNibTVzJHvMYSP2ZAoGBAPjq -4a9MV6X7eShKHJtkqp33WWQWa3bidlmthhxjhPFlVnjJDj70oKGT5b/YcEFGBxPN -JvTFJplQe0kLaeC49fPaEefARJe+HuCfUc1C73/q2o0pzvWf6Ut+W8ZZLKSC7aHH -ZFAiZeMzzbCiqAbAAQFIgDp6m2U9mRYPTxKskoUdAoGBAMPEJzl1XMdhBfnvt0yA -T4ziOV0/T9sSP7UbHSTnSYj8KuKKAYjBnVgwH1Xq2dyR/QSfT/sbW8jnAZrJhJ3J -bifCS9j72ZOQcy54o3uxJMuF19y4bb3IbbhFb46PQmYWdTLrZb9ryxo1DKNBMTCF -qaIoM7sxsFQNKbY884ggodYxAoGBAIbKopXL0HbIe65um5kmZSIPjK+fWGhTb+VW -CxaaaaZSywWzUmyTCd0VesdtjDQ8mJ6HbH4FuMYzB9/hN1+CqWV4hFOsETjeslfO -znxJr+nkIp9osXLfOnUwIsCBD6SyZb5CfDbMucHUDqGFI1osZR7txMpmFHo5ZgnF -Fnu1Sc6dAoGAbgA9Cf6y8JGwr4/zGPDtaemBTLYMD8m/emdqGPgR7yVWXP/jTMqi -o1EEWtpehALZMVZOsmSg7C/1J+nlHbuxPKsjjYK+V7aGsqXGx95lPyemd2cGcJN4 -fgoCyCahp2BnVCp7Gm3B/AzeZlH7n23qvbkJOsKGuocDycR9TIud+fk= +MIIEpQIBAAKCAQEAtWkvtUsFBD7REZmm8pUK0ZqOdIIpA5PJgqrrLQ6AOSJ9Z7RQ +q7BJv8f520FjswIQH4o9PdGYjm9JLSfiRto6hmwB/51BT9Km+WkdT+UNBGu6uK7d +TbN3BUpei+dbzGxdmBagufQrlK9fkjIF80ZZXmE0c5weLUrhW+E0CPiFeJeHoyJf +9QcLu2GVmS0Yf3izsBhb0c6JxVG9ZDYiM+EspJZOf5ziSB5D4eEBwvYOzU7lSwJB +dfSYd91oLy2BSvgCgaSRJroANhD+PwBN8Jop7KIQ/bFgg7J/JFfZEWnh3GICOZsF +Ubfy+bk66HReoWdr7+0FsWUL7z7YFRuykJFPtQIDAQABAoIBABSnw1zbC9kt5dQh +MJcSTUcMWAgAAfd8TkdoepqIuiTHPoweRckmq18Av/ws99Mb+wX8UXjGcp5VIXnY +vrTeiCdiCOA34YXbMFPZmhLMu6yzL3Fzx5LfSj/59cXsM9GUzRtSCD7kBEpLpZAZ +zf+jFO3gF37KWc1CZ2J0w935ngja1ti7sxewh04e9e8kIcyZVYUPBLEJSBSGkg/M +boEYXpHkpF2kHvGIZ5Uj/di4B5LpE6kEneWDG2aih0FrnW9t7FWaRXpovSUJ9PR8 +XfmjhvVlBcivNkc/75TlpIUcOrIYaf+PuxqCVOxr/UXOfYVRXa+QZNzXlb5KhMWA +jbb5R8ECgYEA5E7zsC1jVwT2gTmGbgPaow24Ul5i625H8twipYO6X38Lo/ZHyOEE +sSHc/RJG+ioJCHeONlHCqC76+mMBWC05zqpAv2eFpoz7RrzV+koIWOX9B0+7qRrD +9Wtqme6rJrsQ98AC9WvICrH6RAi4vc8eh5N0MgxUE5ScmlK2Qa+CUlkCgYEAy2oN +NXYjgBAoHDEyZqq3cr1A5QPJK44LavBr66dWxjUk5vnX26lnV/aUJKPbdsro3uGU +DhZega/yE6PdtIEv5477JTonZb6F+FVzum9IlaSYcOKwqEyEozfjzD/hY0rtaOOc +xg+a+3dmzjFSzwFkcMhmSUajPFrmM5qN80M2JL0CgYEAofHa63IWkAhGLn22fF0h +fh1iTJMFCcjNIljB/rPExK5ifGhanQP4BwllLuIDFLoydB4R8zflotTIVElcD8bs +xUqA6QQuimhgaNnT0lknOJ/S7pfBHn+M1o3eLNhd8PgqXgKGVr2gRO3f/thM6t56 +4mJWvpV+IfF9b/4Rp+AtyekCgYEApLKGZV31GnB6eXEf9N6O0BkJ3SO2k0xcVEa7 +qr7/1FYdPeLW8qTz5tXgVtZREJrz99o/bTSRaoHSCDLqhIcBCYTMNfUjBw8/G7Xc +kPwfkgIF54i0LmBeGGVdTPf//swg84cvXXIvMyIXHCX1fWQMNgEcSIIoEusqbmfa +PTeTNCUCgYEAtV5mnYQZJ354B1BpeexmlPk392V13nvhY2V/cU+82Ze0YTYBFU2+ +gXFKL8LmZvnheAET9TKFXCXZueF+0fcEcn8fJ52DXJf72Mlt6aDfdAT+zqxjBLRR +G3wSPVd5NRDt8njlL3yXa3Cy3JWGzzJi2S5LpCTSMSaLICoc97klw5I= -----END RSA PRIVATE KEY----- diff --git a/integration/fixtures/https/clientca/client3.crt b/integration/fixtures/https/clientca/client3.crt index 073c4a2cc..c6c05f900 100644 --- a/integration/fixtures/https/clientca/client3.crt +++ b/integration/fixtures/https/clientca/client3.crt @@ -1,17 +1,17 @@ -----BEGIN CERTIFICATE----- -MIICtDCCAZwCCQCBMhhWPi2g3jANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw9j -YTMuZXhhbXBsZS5jb20wHhcNMTYwNjE4MTgxNTAwWhcNMjYwNjE2MTgxNTAwWjAe -MRwwGgYDVQQDExNjbGllbnQzLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEF -AAOCAQ8AMIIBCgKCAQEAyW1BnimfqeE2TFVCVaFSOnKucZMezOUs5CiNAECbgBPU -ehAYNZCpKlD0ejZjc8/x2m0fnfHnmRdmCDprpI1gZV/dUMQCgmsq83pccnk3qFyn -tdDTo0vxTKZhusihipKmVEpvtQP0hMH2De7QjwOpjxnIZwFH8anLr8EyUFNyF8fK -k5emkMh8Xe5ppOTof36v9N/WPBW2/gxM9aj0l47CUSXjAUD8Fy8DeRtq/COywlnG -DK25tnrQcX4RBwU9s8pHrXVrvmgLUEc3pWuxrwGJzQ/iY8l1mDDmhqjmcg1uGYOe -hs/Olnx7pttUbd36mNXSSkjPeTabgpZDFtljMcTJwwIDAQABMA0GCSqGSIb3DQEB -BQUAA4IBAQBUSxHFcGKaTBBj9peCgzr+buhPQ7F72uNe0uYZhcCn91KXECiFM+rh -W13qcfsHDM/PPWN+TXHKzTxCHYv3fGkcAR/bUD206dXbO/T1Oc8UTciJFWXCxMK9 -zKlZgn48TcAIEhJodVcqWXr8hZ5Grxw4wB2DnTUTr5FuFS/f4gtlflPJzirxZGe8 -LPZb7QZ+LHxGK39QVY/g9LJxlWzbCytPBR0enb8ijjVj2+Sc+NntvQHqXedNFIql -ns6X98nQtwFn9/MgLGbqOYNN36b15HddyDRgfZ6zMO3Aeve7GM5GqnpqhyprN91t -gVaVUIxZCUNmcmtWu+a1QtK/MgLIpX4I +MIICtDCCAZwCCQCBMhhWPi2g3zANBgkqhkiG9w0BAQsFADAaMRgwFgYDVQQDDA9j +YTMuZXhhbXBsZS5jb20wHhcNMjIwODA4MTMzODI0WhcNMzIwODA1MTMzODI0WjAe +MRwwGgYDVQQDDBNjbGllbnQzLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAu95ub4QVJeMim1kmwWf6dECWckHG+DYnShnUO7N/p5OX +4efN62hocvbdYHtyFjkNdS4oWRdW8SsL1CjsuuudBfNhkxP27GbVxXlvuXKKsvhs +WG/ADt4/C276mgTub6kJRI2CLSqjUUGX7aVbDrSMlBj/HGBvBu1NIdQEEeXf6VHK +imC7h4k7BQ0QDGyoSv+FZOQrsYFS90fjU+S59sZA6JSA79WvXAYUB2JZhP5FDX3e +rIXun3Zk37WsD2MQBxEwKrHRZl6FXDyuNbHN+nlup9PV9+LOe5v4qRKZg9yQHBrV +vB+tstE2bbgyfWpUaRuvJ7Raii/xckSi9FBrK+aj3QIDAQABMA0GCSqGSIb3DQEB +CwUAA4IBAQA8ZLQtKWIMCLHOGQw+CajTm6ZkuzYpsRhvOB7ikLy2lmfXO3et7cBt +1gukIk4AmfBskyxvD5v9pbxjxP6mYGYHG8Unitlxv+k0+QPw73loZbCeWIVTAR2k +6/8TPGPE0nztLzyew5Z/swu2SSXNcqrsSde/h1jh+rVx06C4xZnENzX/wtz/h3dp +XB9Wqb5oTSkZB/5GGMmZTFYwZwLwr92LArC9fvdzeF9OsG5Eo3s4xuRuA/gGc+ea +FKMikJmQOHBEbNo795NX8AL3jWCW+tgePwtYB9xr7UGqjT3HfT1eHdETM56mByOK +w+RDYChOK2wlf4iA4cFYFCm7M30hcVuw -----END CERTIFICATE----- diff --git a/integration/fixtures/https/clientca/client3.csr b/integration/fixtures/https/clientca/client3.csr index e7f12fee1..5e0769bdc 100644 --- a/integration/fixtures/https/clientca/client3.csr +++ b/integration/fixtures/https/clientca/client3.csr @@ -1,15 +1,15 @@ -----BEGIN CERTIFICATE REQUEST----- -MIICYzCCAUsCAQAwHjEcMBoGA1UEAxMTY2xpZW50My5leGFtcGxlLmNvbTCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMltQZ4pn6nhNkxVQlWhUjpyrnGT -HszlLOQojQBAm4AT1HoQGDWQqSpQ9Ho2Y3PP8dptH53x55kXZgg6a6SNYGVf3VDE -AoJrKvN6XHJ5N6hcp7XQ06NL8UymYbrIoYqSplRKb7UD9ITB9g3u0I8DqY8ZyGcB -R/Gpy6/BMlBTchfHypOXppDIfF3uaaTk6H9+r/Tf1jwVtv4MTPWo9JeOwlEl4wFA -/BcvA3kbavwjssJZxgytubZ60HF+EQcFPbPKR611a75oC1BHN6Vrsa8Bic0P4mPJ -dZgw5oao5nINbhmDnobPzpZ8e6bbVG3d+pjV0kpIz3k2m4KWQxbZYzHEycMCAwEA -AaAAMA0GCSqGSIb3DQEBBQUAA4IBAQB3ApcHgGHXXYqkNHDp3xaXBrsYNnGSoqQq -PoFqNh2SVVh9D25hcfTrCXbv8Ng+rTEZqb4BMrSPxl5vNRQL78M70NMNE1bXcdW3 -XWSh7vLxCAmHx7DKNxQI/96o5lG6FFkmZNYZ4CllqXaW0hV3CTuy4ixGwz4JJ6vI -caS4OEMB/r+kEm0jReGjalS/KWk61+bZnHWKAkvpPxIFKp8YMi84I+GlE1YfbXiC -kYtwCFmEd5T6Ztz/f/DtCF0JuH+S/2+R+7APD1RbaU8lCMDA292zlVP2mro2WRnZ -GAbynaqxaPQIn+2LBD5ytRx9aHALj58vq/PVpUUKb20RwIf74+t1 +MIICYzCCAUsCAQAwHjEcMBoGA1UEAwwTY2xpZW50My5leGFtcGxlLmNvbTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALvebm+EFSXjIptZJsFn+nRAlnJB +xvg2J0oZ1Duzf6eTl+HnzetoaHL23WB7chY5DXUuKFkXVvErC9Qo7LrrnQXzYZMT +9uxm1cV5b7lyirL4bFhvwA7ePwtu+poE7m+pCUSNgi0qo1FBl+2lWw60jJQY/xxg +bwbtTSHUBBHl3+lRyopgu4eJOwUNEAxsqEr/hWTkK7GBUvdH41PkufbGQOiUgO/V +r1wGFAdiWYT+RQ193qyF7p92ZN+1rA9jEAcRMCqx0WZehVw8rjWxzfp5bqfT1ffi +znub+KkSmYPckBwa1bwfrbLRNm24Mn1qVGkbrye0Woov8XJEovRQayvmo90CAwEA +AaAAMA0GCSqGSIb3DQEBCwUAA4IBAQA3hpWyHbGn+3r2hdD82pi8sJmZWrvk2a2k +1ZriGvHJiZG0lDZfBM/jTNKbIZFyypx4AaMTUJLOmC/Q+pr+WGAmisBt1Fz3v2gw +pR+Hxt2//lST8wou751m/DS4dbTYIFokCrcQCQ9uaOQ5uYKUOD2A25wRbhl7Hz8T +zE18VWHcXSOb02nNRwhsCSLygYoBr5UNGRl7nNWOVIJVFdO125HbCiTDGaTiA9Ng +BsbwfvehkiqceeT67QNvnWOiGMCbNjidx/0716YXb6FV1KKGtw96zhy99QTvQn1Q +NQ913ch0EJ5JIuCifIquNkRBLlBayrZxN7IU+TKMwlt5uFn5PG0r -----END CERTIFICATE REQUEST----- diff --git a/integration/fixtures/https/clientca/client3.key b/integration/fixtures/https/clientca/client3.key index ca55ef98d..1de3f53b5 100644 --- a/integration/fixtures/https/clientca/client3.key +++ b/integration/fixtures/https/clientca/client3.key @@ -1,27 +1,27 @@ -----BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAyW1BnimfqeE2TFVCVaFSOnKucZMezOUs5CiNAECbgBPUehAY -NZCpKlD0ejZjc8/x2m0fnfHnmRdmCDprpI1gZV/dUMQCgmsq83pccnk3qFyntdDT -o0vxTKZhusihipKmVEpvtQP0hMH2De7QjwOpjxnIZwFH8anLr8EyUFNyF8fKk5em -kMh8Xe5ppOTof36v9N/WPBW2/gxM9aj0l47CUSXjAUD8Fy8DeRtq/COywlnGDK25 -tnrQcX4RBwU9s8pHrXVrvmgLUEc3pWuxrwGJzQ/iY8l1mDDmhqjmcg1uGYOehs/O -lnx7pttUbd36mNXSSkjPeTabgpZDFtljMcTJwwIDAQABAoIBAFYbTqG+SXLlw8B9 -8g2JGQ3DWK9UpSYSEk62xxAEjnUCBSLpHnBHlwlv8hMMjRdFHa6yV4G9l7PqPMPn -tXxys3KiuIl+QVRfW80Z0ctd5l0ivs8Kpm54WH7b4YtnmScT6ea+q2JGfpECGZ17 -Kcz5U9LIwtLFyWuVmm1XuZp9EZj4HI7XgaktPom2f97k7oyQgKvgHVMUU+KYjS0X -KTTf+PkSR/laV9TXNTRlFOwblh8tjrb/CohR/REQ5yTM04oRHhD+TkIV2qIUuM5Z -P2hmIrMGhoJt01eJlZz73vXBBFAd/rzEIuKBroEG+culxje56qBbMKvfhmVJNuMz -6AvkPYECgYEA+yXVRcU7Zqz7rqq7Mw3s3yC6LzE5SNO1hRl9J2N4ldHf4bUeHEuh -ztW8Q7XiiftLcCGJPc3QxWRWwC8omhwefJzEmmVgpDeTMVjI/nNpgdgKSQfM77LX -jZtH8q5JH4cMvJbFMV3JN24LSTrctryt+p/Jps3x0FzbgNGEDik7/y0CgYEAzVGB -UESd09YvBjjW+1CJXHwgTh9Qc4L4VhAt7+O83SxGJEeVMYeTi/YHM2X5ytFBq/1w -M+j9CWpNi7XoHOCVWZfQjOvsrX5R0s7iBrL9ikkmaEy95VEgywsXTaoJE37/l5GR -j9s8P6o3KeCyce++2Qi+dHvAUEspLS1nW8KvAq8CgYAKwrw4mRLKe27tNPOAZIBZ -rxVLIFjL/gYxBb6PCXwJL0zgZto7bCIqso22ePyT3OiGjWlL9J2VV48//MVIlRvZ -Sv5Bf0Z8wsTTwHIcNOW4YoFOT79AJfGGZ7jVdRI8/5RUIEGis9oDPfvNz2/VhJAP -xPjm5LwPqWreQhveX3XqoQKBgQC86JANVYTNotTTabrLspcf5AkpOACit09ciDhr -7uMXsKO8v6wSzUZBUZXggaQqKwy8fUweRvGCFy/QKwesgiqIK3m0H2I9YutQBg/K -0CcddB6Feo6CDnoYt1SynY8KRCBQyZvfe3zcqvVkb5xf3pF/SV9K943DktQJACyI -LgEuewKBgF48AjNyi7zMgH0h5rsVimtjS7p8PhwZXyN70B/poykR3sxhCnChuNmt -47MNOQrNgXCQivrZk1uh4v/itoVCDX/GYz+bqHh8MihALuSX3eRnVPk8oDjoM1lN -Hks5wU7RK8gy14DPtTxfr0ca65v7kzu3nY1UwdFuTjcDwIv8EdGj +MIIEpAIBAAKCAQEAu95ub4QVJeMim1kmwWf6dECWckHG+DYnShnUO7N/p5OX4efN +62hocvbdYHtyFjkNdS4oWRdW8SsL1CjsuuudBfNhkxP27GbVxXlvuXKKsvhsWG/A +Dt4/C276mgTub6kJRI2CLSqjUUGX7aVbDrSMlBj/HGBvBu1NIdQEEeXf6VHKimC7 +h4k7BQ0QDGyoSv+FZOQrsYFS90fjU+S59sZA6JSA79WvXAYUB2JZhP5FDX3erIXu +n3Zk37WsD2MQBxEwKrHRZl6FXDyuNbHN+nlup9PV9+LOe5v4qRKZg9yQHBrVvB+t +stE2bbgyfWpUaRuvJ7Raii/xckSi9FBrK+aj3QIDAQABAoIBAHjyqoaAslzB7fW1 +X44EMunE6xaD4mTJ+GFsX4ZP+U8ZZh657Ygwn43kAIGs97X25QMbxD4XGJIK9IKS +FlYAegbquVbG86EeU2He3F63rzOpW5dT2oG38z6ZJB0kL50TZjQMJlKNsLcPU5Bb +dFPzSM3Pie3q54++FnpA1J3xMEY0l4a1JtDL7biZvXk5S/2VeBYVKq62561gNwXv +I1Hv5yhnqOucBQHlWS1zff9vALOhIFKrUJpcA46Cjtm/vTzmCytwi5JCZ0PLtMi9 +WBdOt/wH5v9AhHzid+zT+TWPUcrokft9SVEX0j4cHHUufxD7Nw8Q//RvLCwb4ypQ +Ot9rhgECgYEA4TrRDoamVwEcOYfXbLJC6XEzhrjpF3+YHZp8d4177J5Vz94QRxLJ +wlxcBFikuM1dN8kV8cGUzUMRvSZbm2LEuOQW3XsDHeFuaNCwBjx3BLCxHdi1OuHb +JmlkJlIMo2u+IrMCD994pCEGAWUmFHMbiMHwU/ezzdj3ffVEBjo5NoUCgYEA1Yj0 +p28OMoaQsR/F1pd3Qnib9jQYVtFwD6ly4c9mItNtFn+J5MFbm9H5WgJt7w/eIMxD +BRWHUgnqVQ+UFQnTESN9AnbfkcTcGfkKgyzuOb+bRjQaCnE6h8rrSFMPFDxJ4nus +ruvme3MmVRqHsdbGiGLN7wu+PzK8ZxH1WtmQE3kCgYEAw4GCptFK4oscLPQ1kyzJ +2EljKLap3rPrHwdSs5Qk1ig65M0l5AvzBruVRFCN67yYBiyO1+PpfqORalc5fZAm +ozeagXaeJfnhFSrRIRirV27oz7ek2Q/kY1toi7r9LX4A9a3dRFn/JrljtSJQA8BH +TlbKfpitgymq67NS8PTpZOECgYBwAU6TJKWFyx/KSKg1T2226Bymn9zEbUcib/da +irdAPTZTPsLNwr6SlSj+FZgkdWZGPd5JpGk+lwTbaTh7cJPNwZeo20GZ7HCnDwJ8 +m+y5Tc/cmyetoobZA482eJrIOndm3QhPGF3lExlgOnJCzi2FDI6IfNhlve8lAT55 +UPVJwQKBgQCvs9KQxBJBm/+LssLesrCBXJ9ww/Af2BxB1tHD8qUOBB0x/H1KpGex +2/pJaUPnHec+Ig5k7jMDyR+AOy68ycUPCRldjQ8Ym1ErB9frOSufm7XFSca335Wa +R1hYHsh22gwoUdqAZVgWzo1Y9hq38l3r6sRZFr+2v5QRVE+DE+vSzg== -----END RSA PRIVATE KEY----- diff --git a/integration/fixtures/k8s/01-traefik-crd.yml b/integration/fixtures/k8s/01-traefik-crd.yml index 345e90736..2bcfe5b28 100644 --- a/integration/fixtures/k8s/01-traefik-crd.yml +++ b/integration/fixtures/k8s/01-traefik-crd.yml @@ -1783,9 +1783,10 @@ spec: VersionTLS13. Default: VersionTLS10.' type: string preferServerCipherSuites: - description: PreferServerCipherSuites defines whether the server chooses - a cipher suite among his own instead of among the client's. It is - enabled automatically when minVersion or maxVersion are set. + description: 'PreferServerCipherSuites defines whether the server + chooses a cipher suite among his own instead of among the client''s. + It is enabled automatically when minVersion or maxVersion is set. + Deprecated: https://github.com/golang/go/issues/45430' type: boolean sniStrict: description: SniStrict defines whether Traefik allows connections diff --git a/integration/fixtures/tcp/multi-tls-options.toml b/integration/fixtures/tcp/multi-tls-options.toml index be9a2a172..f0b4a931c 100644 --- a/integration/fixtures/tcp/multi-tls-options.toml +++ b/integration/fixtures/tcp/multi-tls-options.toml @@ -41,7 +41,7 @@ [tls.options] [tls.options.foo] - minVersion = "VersionTLS11" + minVersion = "VersionTLS12" [tls.options.bar] - minVersion = "VersionTLS12" + minVersion = "VersionTLS13" diff --git a/integration/https_test.go b/integration/https_test.go index 6ddda5e8e..d30eebcc1 100644 --- a/integration/https_test.go +++ b/integration/https_test.go @@ -142,7 +142,7 @@ func (s *HTTPSSuite) TestWithTLSOptions(c *check.C) { tr1 := &http.Transport{ TLSClientConfig: &tls.Config{ InsecureSkipVerify: true, - MaxVersion: tls.VersionTLS11, + MaxVersion: tls.VersionTLS12, ServerName: "snitest.com", }, } @@ -194,7 +194,7 @@ func (s *HTTPSSuite) TestWithTLSOptions(c *check.C) { } _, err = client.Do(req) c.Assert(err, checker.NotNil) - c.Assert(err.Error(), checker.Contains, "protocol version not supported") + c.Assert(err.Error(), checker.Contains, "tls: no supported versions satisfy MinVersion and MaxVersion") // with unknown tls option err = try.GetRequest("http://127.0.0.1:8080/api/rawdata", 1*time.Second, try.BodyContains("unknown TLS options: unknown@file")) @@ -262,7 +262,7 @@ func (s *HTTPSSuite) TestWithConflictingTLSOptions(c *check.C) { } _, err = client.Do(req) c.Assert(err, checker.NotNil) - c.Assert(err.Error(), checker.Contains, "protocol version not supported") + c.Assert(err.Error(), checker.Contains, "tls: no supported versions satisfy MinVersion and MaxVersion") // with unknown tls option err = try.GetRequest("http://127.0.0.1:8080/api/rawdata", 1*time.Second, try.BodyContains(fmt.Sprintf("found different TLS options for routers on the same host %v, so using the default TLS options instead", tr4.TLSClientConfig.ServerName))) diff --git a/integration/integration_test.go b/integration/integration_test.go index 19b53ad53..c2a593f58 100644 --- a/integration/integration_test.go +++ b/integration/integration_test.go @@ -8,7 +8,6 @@ import ( "flag" "fmt" "io/fs" - "io/ioutil" "os" "os/exec" "path/filepath" @@ -349,7 +348,7 @@ type tailscaleNotSuite struct{ BaseSuite } // TODO(mpl): we could maybe even move this setup to the Makefile, to start it // and let it run (forever, or until voluntarily stopped). func setupVPN(c *check.C, keyFile string) *tailscaleNotSuite { - data, err := ioutil.ReadFile(keyFile) + data, err := os.ReadFile(keyFile) if err != nil { if !errors.Is(err, fs.ErrNotExist) { log.Fatal(err) diff --git a/integration/keepalive_test.go b/integration/keepalive_test.go index edd1f9383..df3bef575 100644 --- a/integration/keepalive_test.go +++ b/integration/keepalive_test.go @@ -77,7 +77,7 @@ func (s *KeepAliveSuite) TestShouldRespectConfiguredBackendHttpKeepAliveTime(c * }() server := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(200) + w.WriteHeader(http.StatusOK) })) server.Config.ConnState = func(conn net.Conn, state http.ConnState) { diff --git a/integration/tcp_test.go b/integration/tcp_test.go index adea43dd5..52a3813c9 100644 --- a/integration/tcp_test.go +++ b/integration/tcp_test.go @@ -102,18 +102,18 @@ func (s *TCPSuite) TestTLSOptions(c *check.C) { err = try.GetRequest("http://127.0.0.1:8080/api/rawdata", 5*time.Second, try.StatusCodeIs(http.StatusOK), try.BodyContains("HostSNI(`whoami-c.test`)")) c.Assert(err, checker.IsNil) - // Check that we can use a client tls version <= 1.1 with hostSNI 'whoami-c.test' - out, err := guessWhoTLSMaxVersion("127.0.0.1:8093", "whoami-c.test", true, tls.VersionTLS11) + // Check that we can use a client tls version <= 1.2 with hostSNI 'whoami-c.test' + out, err := guessWhoTLSMaxVersion("127.0.0.1:8093", "whoami-c.test", true, tls.VersionTLS12) c.Assert(err, checker.IsNil) c.Assert(out, checker.Contains, "whoami-no-cert") - // Check that we can use a client tls version <= 1.2 with hostSNI 'whoami-d.test' - out, err = guessWhoTLSMaxVersion("127.0.0.1:8093", "whoami-d.test", true, tls.VersionTLS12) + // Check that we can use a client tls version <= 1.3 with hostSNI 'whoami-d.test' + out, err = guessWhoTLSMaxVersion("127.0.0.1:8093", "whoami-d.test", true, tls.VersionTLS13) c.Assert(err, checker.IsNil) c.Assert(out, checker.Contains, "whoami-no-cert") - // Check that we cannot use a client tls version <= 1.1 with hostSNI 'whoami-d.test' - _, err = guessWhoTLSMaxVersion("127.0.0.1:8093", "whoami-d.test", true, tls.VersionTLS11) + // Check that we cannot use a client tls version <= 1.2 with hostSNI 'whoami-d.test' + _, err = guessWhoTLSMaxVersion("127.0.0.1:8093", "whoami-d.test", true, tls.VersionTLS12) c.Assert(err, checker.NotNil) c.Assert(err.Error(), checker.Contains, "protocol version not supported") } diff --git a/pkg/middlewares/compress/compress_test.go b/pkg/middlewares/compress/compress_test.go index d065882e2..8f7e85ae0 100644 --- a/pkg/middlewares/compress/compress_test.go +++ b/pkg/middlewares/compress/compress_test.go @@ -401,7 +401,7 @@ func BenchmarkCompress(b *testing.B) { }) handler, _ := New(context.Background(), next, dynamic.Compress{}, "testing") - req, _ := http.NewRequest("GET", "/whatever", nil) + req, _ := http.NewRequest(http.MethodGet, "/whatever", nil) req.Header.Set("Accept-Encoding", "gzip") b.ReportAllocs() diff --git a/pkg/middlewares/retry/retry_test.go b/pkg/middlewares/retry/retry_test.go index 8d629ebdf..4622093af 100644 --- a/pkg/middlewares/retry/retry_test.go +++ b/pkg/middlewares/retry/retry_test.go @@ -222,7 +222,7 @@ func (l *countingRetryListener) Retried(req *http.Request, attempt int) { func TestRetryWithFlush(t *testing.T) { next := http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) { - rw.WriteHeader(200) + rw.WriteHeader(http.StatusOK) _, err := rw.Write([]byte("FULL ")) if err != nil { http.Error(rw, err.Error(), http.StatusInternalServerError) diff --git a/pkg/provider/kubernetes/crd/fixtures/tcp/with_tls_options.yml b/pkg/provider/kubernetes/crd/fixtures/tcp/with_tls_options.yml index f5ecab56c..1b45d9953 100644 --- a/pkg/provider/kubernetes/crd/fixtures/tcp/with_tls_options.yml +++ b/pkg/provider/kubernetes/crd/fixtures/tcp/with_tls_options.yml @@ -35,7 +35,6 @@ spec: - secret-ca1 - secret-ca2 clientAuthType: VerifyClientCertIfGiven - preferServerCipherSuites: true --- apiVersion: v1 kind: Secret diff --git a/pkg/provider/kubernetes/crd/fixtures/with_default_tls_options.yml b/pkg/provider/kubernetes/crd/fixtures/with_default_tls_options.yml index f88d0f89a..3646d9522 100644 --- a/pkg/provider/kubernetes/crd/fixtures/with_default_tls_options.yml +++ b/pkg/provider/kubernetes/crd/fixtures/with_default_tls_options.yml @@ -35,7 +35,6 @@ spec: - secret-ca-default1 - secret-ca-default2 clientAuthType: VerifyClientCertIfGiven - preferServerCipherSuites: true --- apiVersion: traefik.containo.us/v1alpha1 diff --git a/pkg/provider/kubernetes/crd/fixtures/with_default_tls_options_default_namespace.yml b/pkg/provider/kubernetes/crd/fixtures/with_default_tls_options_default_namespace.yml index 3bc9b95f3..49e128983 100644 --- a/pkg/provider/kubernetes/crd/fixtures/with_default_tls_options_default_namespace.yml +++ b/pkg/provider/kubernetes/crd/fixtures/with_default_tls_options_default_namespace.yml @@ -35,7 +35,6 @@ spec: - secret-ca1 - secret-ca2 clientAuthType: VerifyClientCertIfGiven - preferServerCipherSuites: true --- apiVersion: traefik.containo.us/v1alpha1 diff --git a/pkg/provider/kubernetes/crd/fixtures/with_tls_options.yml b/pkg/provider/kubernetes/crd/fixtures/with_tls_options.yml index 404fb6592..f49aab66e 100644 --- a/pkg/provider/kubernetes/crd/fixtures/with_tls_options.yml +++ b/pkg/provider/kubernetes/crd/fixtures/with_tls_options.yml @@ -35,7 +35,6 @@ spec: - secret-ca1 - secret-ca2 clientAuthType: VerifyClientCertIfGiven - preferServerCipherSuites: true --- apiVersion: traefik.containo.us/v1alpha1 diff --git a/pkg/provider/kubernetes/crd/kubernetes.go b/pkg/provider/kubernetes/crd/kubernetes.go index 7270c37d8..fe5ed4d33 100644 --- a/pkg/provider/kubernetes/crd/kubernetes.go +++ b/pkg/provider/kubernetes/crd/kubernetes.go @@ -821,9 +821,8 @@ func buildTLSOptions(ctx context.Context, client Client) map[string]tls.Options CAFiles: clientCAs, ClientAuthType: tlsOption.Spec.ClientAuth.ClientAuthType, }, - SniStrict: tlsOption.Spec.SniStrict, - PreferServerCipherSuites: tlsOption.Spec.PreferServerCipherSuites, - ALPNProtocols: alpnProtocols, + SniStrict: tlsOption.Spec.SniStrict, + ALPNProtocols: alpnProtocols, } } diff --git a/pkg/provider/kubernetes/crd/kubernetes_test.go b/pkg/provider/kubernetes/crd/kubernetes_test.go index 6c081f0b1..24c3c6f42 100644 --- a/pkg/provider/kubernetes/crd/kubernetes_test.go +++ b/pkg/provider/kubernetes/crd/kubernetes_test.go @@ -666,8 +666,7 @@ func TestLoadIngressRouteTCPs(t *testing.T) { }, ClientAuthType: "VerifyClientCertIfGiven", }, - SniStrict: true, - PreferServerCipherSuites: true, + SniStrict: true, ALPNProtocols: []string{ "h2", "http/1.1", @@ -2748,8 +2747,7 @@ func TestLoadIngressRoutes(t *testing.T) { }, ClientAuthType: "VerifyClientCertIfGiven", }, - SniStrict: true, - PreferServerCipherSuites: true, + SniStrict: true, ALPNProtocols: []string{ "h2", "http/1.1", @@ -2862,8 +2860,7 @@ func TestLoadIngressRoutes(t *testing.T) { }, ClientAuthType: "VerifyClientCertIfGiven", }, - SniStrict: true, - PreferServerCipherSuites: true, + SniStrict: true, ALPNProtocols: []string{ "h2", "http/1.1", diff --git a/pkg/provider/kubernetes/crd/traefik/v1alpha1/tlsoption.go b/pkg/provider/kubernetes/crd/traefik/v1alpha1/tlsoption.go index b468dc5e7..573473f1d 100644 --- a/pkg/provider/kubernetes/crd/traefik/v1alpha1/tlsoption.go +++ b/pkg/provider/kubernetes/crd/traefik/v1alpha1/tlsoption.go @@ -42,7 +42,8 @@ type TLSOptionSpec struct { // SniStrict defines whether Traefik allows connections from clients connections that do not specify a server_name extension. SniStrict bool `json:"sniStrict,omitempty"` // PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's. - // It is enabled automatically when minVersion or maxVersion are set. + // It is enabled automatically when minVersion or maxVersion is set. + // Deprecated: https://github.com/golang/go/issues/45430 PreferServerCipherSuites bool `json:"preferServerCipherSuites,omitempty"` // ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. // More info: https://doc.traefik.io/traefik/v2.8/https/tls/#alpn-protocols diff --git a/pkg/redactor/redactor_config_test.go b/pkg/redactor/redactor_config_test.go index a8fa09e50..2314b8cd7 100644 --- a/pkg/redactor/redactor_config_test.go +++ b/pkg/redactor/redactor_config_test.go @@ -442,8 +442,7 @@ func init() { CAFiles: []traefiktls.FileOrContent{"ca.pem"}, ClientAuthType: "RequireAndVerifyClientCert", }, - SniStrict: true, - PreferServerCipherSuites: true, + SniStrict: true, }, }, Certificates: []*traefiktls.CertAndStores{ diff --git a/pkg/redactor/testdata/anonymized-dynamic-config.json b/pkg/redactor/testdata/anonymized-dynamic-config.json index 8236dcde7..eba7bd94a 100644 --- a/pkg/redactor/testdata/anonymized-dynamic-config.json +++ b/pkg/redactor/testdata/anonymized-dynamic-config.json @@ -463,8 +463,7 @@ "foo" ], "clientAuth": {}, - "sniStrict": true, - "preferServerCipherSuites": true + "sniStrict": true } }, "stores": { diff --git a/pkg/redactor/testdata/secured-dynamic-config.json b/pkg/redactor/testdata/secured-dynamic-config.json index cf71aab33..ac6d986e9 100644 --- a/pkg/redactor/testdata/secured-dynamic-config.json +++ b/pkg/redactor/testdata/secured-dynamic-config.json @@ -471,8 +471,7 @@ ], "clientAuthType": "RequireAndVerifyClientCert" }, - "sniStrict": true, - "preferServerCipherSuites": true + "sniStrict": true } }, "stores": { @@ -484,4 +483,4 @@ } } } -} \ No newline at end of file +} diff --git a/pkg/rules/parser.go b/pkg/rules/parser.go index b984ddb5a..061895d3c 100644 --- a/pkg/rules/parser.go +++ b/pkg/rules/parser.go @@ -5,6 +5,8 @@ import ( "strings" "github.com/vulcand/predicate" + "golang.org/x/text/cases" + "golang.org/x/text/language" ) const ( @@ -41,7 +43,7 @@ func NewParser(matchers []string) (predicate.Parser, error) { parserFuncs[matcherName] = fn parserFuncs[strings.ToLower(matcherName)] = fn parserFuncs[strings.ToUpper(matcherName)] = fn - parserFuncs[strings.Title(strings.ToLower(matcherName))] = fn + parserFuncs[cases.Title(language.Und).String(strings.ToLower(matcherName))] = fn } return predicate.NewParser(predicate.Def{ diff --git a/pkg/server/router/router_test.go b/pkg/server/router/router_test.go index d6659fb02..390a9a812 100644 --- a/pkg/server/router/router_test.go +++ b/pkg/server/router/router_test.go @@ -827,7 +827,7 @@ func BenchmarkRouterServe(b *testing.B) { b.Cleanup(func() { server.Close() }) res := &http.Response{ - StatusCode: 200, + StatusCode: http.StatusOK, Body: io.NopCloser(strings.NewReader("")), } @@ -879,7 +879,7 @@ func BenchmarkRouterServe(b *testing.B) { func BenchmarkService(b *testing.B) { res := &http.Response{ - StatusCode: 200, + StatusCode: http.StatusOK, Body: io.NopCloser(strings.NewReader("")), } diff --git a/pkg/server/router/tcp/router_test.go b/pkg/server/router/tcp/router_test.go index 1e2180090..26e799837 100644 --- a/pkg/server/router/tcp/router_test.go +++ b/pkg/server/router/tcp/router_test.go @@ -9,6 +9,7 @@ import ( "io" "net" "net/http" + "net/url" "strings" "testing" "time" @@ -109,8 +110,13 @@ func Test_Routing(t *testing.T) { for { conn, err := tcpBackendListener.Accept() if err != nil { - var netErr net.Error - if errors.As(err, &netErr) && netErr.Temporary() { + var opErr *net.OpError + if errors.As(err, &opErr) && opErr.Temporary() { + continue + } + + var urlErr *url.Error + if errors.As(err, &urlErr) && urlErr.Temporary() { continue } diff --git a/pkg/server/server_entrypoint_tcp.go b/pkg/server/server_entrypoint_tcp.go index 71f7a58eb..5d7095768 100644 --- a/pkg/server/server_entrypoint_tcp.go +++ b/pkg/server/server_entrypoint_tcp.go @@ -7,6 +7,7 @@ import ( stdlog "log" "net" "net/http" + "net/url" "os" "strings" "sync" @@ -195,8 +196,13 @@ func (e *TCPEntryPoint) Start(ctx context.Context) { if err != nil { logger.Error(err) - var netErr net.Error - if errors.As(err, &netErr) && netErr.Temporary() { + var opErr *net.OpError + if errors.As(err, &opErr) && opErr.Temporary() { + continue + } + + var urlErr *url.Error + if errors.As(err, &urlErr) && urlErr.Temporary() { continue } diff --git a/pkg/server/server_entrypoint_tcp_http3.go b/pkg/server/server_entrypoint_tcp_http3.go index 1a1c694b7..0f11b82b9 100644 --- a/pkg/server/server_entrypoint_tcp_http3.go +++ b/pkg/server/server_entrypoint_tcp_http3.go @@ -8,7 +8,6 @@ import ( "net" "net/http" "sync" - "time" "github.com/lucas-clemente/quic-go/http3" "github.com/traefik/traefik/v2/pkg/config/static" @@ -47,24 +46,17 @@ func newHTTP3Server(ctx context.Context, configuration *static.EntryPoint, https } h3.Server = &http3.Server{ - Port: configuration.HTTP3.AdvertisedPort, - Server: &http.Server{ - Addr: configuration.GetAddress(), - Handler: httpsServer.Server.(*http.Server).Handler, - ErrorLog: httpServerLogger, - ReadTimeout: time.Duration(configuration.Transport.RespondingTimeouts.ReadTimeout), - WriteTimeout: time.Duration(configuration.Transport.RespondingTimeouts.WriteTimeout), - IdleTimeout: time.Duration(configuration.Transport.RespondingTimeouts.IdleTimeout), - TLSConfig: &tls.Config{GetConfigForClient: h3.getGetConfigForClient}, - }, + Addr: configuration.GetAddress(), + Port: configuration.HTTP3.AdvertisedPort, + Handler: httpsServer.Server.(*http.Server).Handler, + TLSConfig: &tls.Config{GetConfigForClient: h3.getGetConfigForClient}, } previousHandler := httpsServer.Server.(*http.Server).Handler httpsServer.Server.(*http.Server).Handler = http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) { - err := h3.Server.SetQuicHeaders(rw.Header()) - if err != nil { - log.FromContext(ctx).Errorf("failed to set HTTP3 headers: %v", err) + if err := h3.Server.SetQuicHeaders(rw.Header()); err != nil { + log.FromContext(ctx).Errorf("Failed to set HTTP3 headers: %v", err) } previousHandler.ServeHTTP(rw, req) @@ -90,3 +82,8 @@ func (e *http3server) getGetConfigForClient(info *tls.ClientHelloInfo) (*tls.Con return e.getter(info) } + +func (e *http3server) Shutdown(_ context.Context) error { + // TODO: use e.Server.CloseGracefully() when available. + return e.Server.Close() +} diff --git a/pkg/server/service/proxy_test.go b/pkg/server/service/proxy_test.go index 72805f2a1..3a0a34553 100644 --- a/pkg/server/service/proxy_test.go +++ b/pkg/server/service/proxy_test.go @@ -20,7 +20,7 @@ func (t *staticTransport) RoundTrip(r *http.Request) (*http.Response, error) { func BenchmarkProxy(b *testing.B) { res := &http.Response{ - StatusCode: 200, + StatusCode: http.StatusOK, Body: io.NopCloser(strings.NewReader("")), } diff --git a/pkg/server/service/proxy_websocket_test.go b/pkg/server/service/proxy_websocket_test.go index a03a06666..8b58cf94a 100644 --- a/pkg/server/service/proxy_websocket_test.go +++ b/pkg/server/service/proxy_websocket_test.go @@ -456,7 +456,7 @@ func TestWebSocketUpgradeFailed(t *testing.T) { mux := http.NewServeMux() mux.HandleFunc("/ws", func(w http.ResponseWriter, req *http.Request) { - w.WriteHeader(400) + w.WriteHeader(http.StatusBadRequest) }) srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { mux.ServeHTTP(w, req) @@ -472,7 +472,7 @@ func TestWebSocketUpgradeFailed(t *testing.T) { req.URL.Path = path f.ServeHTTP(w, req) } else { - w.WriteHeader(200) + w.WriteHeader(http.StatusOK) } })) defer proxy.Close() diff --git a/pkg/tls/tls.go b/pkg/tls/tls.go index d23370000..26c1b393f 100644 --- a/pkg/tls/tls.go +++ b/pkg/tls/tls.go @@ -22,7 +22,7 @@ type Options struct { CurvePreferences []string `json:"curvePreferences,omitempty" toml:"curvePreferences,omitempty" yaml:"curvePreferences,omitempty" export:"true"` ClientAuth ClientAuth `json:"clientAuth,omitempty" toml:"clientAuth,omitempty" yaml:"clientAuth,omitempty"` SniStrict bool `json:"sniStrict,omitempty" toml:"sniStrict,omitempty" yaml:"sniStrict,omitempty" export:"true"` - PreferServerCipherSuites bool `json:"preferServerCipherSuites,omitempty" toml:"preferServerCipherSuites,omitempty" yaml:"preferServerCipherSuites,omitempty" export:"true"` + PreferServerCipherSuites bool `json:"preferServerCipherSuites,omitempty" toml:"preferServerCipherSuites,omitempty" yaml:"preferServerCipherSuites,omitempty" export:"true"` // Deprecated: https://github.com/golang/go/issues/45430 ALPNProtocols []string `json:"alpnProtocols,omitempty" toml:"alpnProtocols,omitempty" yaml:"alpnProtocols,omitempty" export:"true"` } diff --git a/pkg/tls/tlsmanager.go b/pkg/tls/tlsmanager.go index 961b1d8e3..1b9c37396 100644 --- a/pkg/tls/tlsmanager.go +++ b/pkg/tls/tlsmanager.go @@ -299,18 +299,13 @@ func buildTLSConfig(tlsOption Options) (*tls.Config, error) { } } - // Set PreferServerCipherSuites. - conf.PreferServerCipherSuites = tlsOption.PreferServerCipherSuites - // Set the minimum TLS version if set in the config if minConst, exists := MinVersion[tlsOption.MinVersion]; exists { - conf.PreferServerCipherSuites = true conf.MinVersion = minConst } // Set the maximum TLS version if set in the config TOML if maxConst, exists := MaxVersion[tlsOption.MaxVersion]; exists { - conf.PreferServerCipherSuites = true conf.MaxVersion = maxConst } diff --git a/script/codegen.Dockerfile b/script/codegen.Dockerfile index 7915cb798..6f6bafe03 100644 --- a/script/codegen.Dockerfile +++ b/script/codegen.Dockerfile @@ -1,3 +1,4 @@ +# TODO rewrite this to be able to use go1.19. FROM golang:1.17 ARG USER=$USER From 4755bb2f33c558b326070b87953d6d8df42362e7 Mon Sep 17 00:00:00 2001 From: Romain Date: Thu, 11 Aug 2022 10:58:09 +0200 Subject: [PATCH 06/15] Control allocation and copy of labelNamesValues type Co-authored-by: Kevin Pollet --- pkg/metrics/prometheus.go | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/pkg/metrics/prometheus.go b/pkg/metrics/prometheus.go index 1f23dcf2d..7f2f6114e 100644 --- a/pkg/metrics/prometheus.go +++ b/pkg/metrics/prometheus.go @@ -469,9 +469,8 @@ func (d *dynamicConfig) hasServerURL(serviceName, serverURL string) bool { func newCounterFrom(opts stdprometheus.CounterOpts, labelNames []string) *counter { cv := stdprometheus.NewCounterVec(opts, labelNames) c := &counter{ - name: opts.Name, - cv: cv, - labelNamesValues: make([]string, 0, 16), + name: opts.Name, + cv: cv, } if len(labelNames) == 0 { c.collector = cv.WithLabelValues() @@ -508,9 +507,8 @@ func (c *counter) Describe(ch chan<- *stdprometheus.Desc) { func newGaugeFrom(opts stdprometheus.GaugeOpts, labelNames []string) *gauge { gv := stdprometheus.NewGaugeVec(opts, labelNames) g := &gauge{ - name: opts.Name, - gv: gv, - labelNamesValues: make([]string, 0, 16), + name: opts.Name, + gv: gv, } if len(labelNames) == 0 { @@ -552,9 +550,8 @@ func (g *gauge) Describe(ch chan<- *stdprometheus.Desc) { func newHistogramFrom(opts stdprometheus.HistogramOpts, labelNames []string) *histogram { hv := stdprometheus.NewHistogramVec(opts, labelNames) return &histogram{ - name: opts.Name, - hv: hv, - labelNamesValues: make([]string, 0, 16), + name: opts.Name, + hv: hv, } } @@ -593,7 +590,12 @@ func (lvs labelNamesValues) With(labelValues ...string) labelNamesValues { if len(labelValues)%2 != 0 { labelValues = append(labelValues, "unknown") } - return append(lvs, labelValues...) + + labels := make([]string, len(lvs)+len(labelValues)) + n := copy(labels, lvs) + copy(labels[n:], labelValues) + + return labels } // ToLabels is a convenience method to convert a labelNamesValues From 40db06204b05786cf7386f7de6e5f0468c6d9b46 Mon Sep 17 00:00:00 2001 From: Kevin Pollet Date: Thu, 11 Aug 2022 15:42:07 +0200 Subject: [PATCH 07/15] Update valkeyrie to a9a70ee --- go.mod | 17 ++++++----- go.sum | 30 +++++++++++-------- integration/consul_test.go | 4 ++- integration/etcd_test.go | 4 ++- integration/redis_test.go | 4 ++- integration/try/condition.go | 3 +- integration/zk_test.go | 4 ++- pkg/provider/kv/kv.go | 16 +++++----- pkg/provider/kv/kv_mock_test.go | 27 +++++++++-------- pkg/provider/kv/kv_test.go | 4 +-- pkg/provider/kv/storewrapper.go | 52 +++++++++++++++++---------------- 11 files changed, 93 insertions(+), 72 deletions(-) diff --git a/go.mod b/go.mod index 0a867b8bf..0e7ce8eed 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/ExpediaDotCom/haystack-client-go v0.0.0-20190315171017-e7edbdf53a61 github.com/Masterminds/sprig/v3 v3.2.2 github.com/abbot/go-http-auth v0.0.0-00010101000000-000000000000 - github.com/aws/aws-sdk-go v1.39.0 + github.com/aws/aws-sdk-go v1.44.47 github.com/cenkalti/backoff/v4 v4.1.1 github.com/compose-spec/compose-go v1.0.3 github.com/containous/alice v0.0.0-20181107144136-d83ebdd94cbd @@ -36,7 +36,7 @@ require ( github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d github.com/instana/go-sensor v1.38.3 github.com/klauspost/compress v1.14.2 - github.com/kvtools/valkeyrie v0.4.1 + github.com/kvtools/valkeyrie v0.4.2-0.20220810161836-a9a70ee3f199 github.com/lucas-clemente/quic-go v0.28.1 github.com/mailgun/ttlmap v0.0.0-20170619185759-c1c17f74874f github.com/miekg/dns v1.1.47 @@ -135,6 +135,7 @@ require ( github.com/cpu/goacmedns v0.1.1 // indirect github.com/deepmap/oapi-codegen v1.8.2 // indirect github.com/dgraph-io/ristretto v0.1.0 // indirect + github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect github.com/dimchansky/utfbom v1.1.1 // indirect github.com/distribution/distribution/v3 v3.0.0-20210316161203-a01c71e2477e // indirect github.com/dnsimple/dnsimple-go v0.70.1 // indirect @@ -158,6 +159,7 @@ require ( github.com/go-errors/errors v1.0.1 // indirect github.com/go-logfmt/logfmt v0.5.1 // indirect github.com/go-logr/logr v0.4.0 // indirect + github.com/go-redis/redis/v8 v8.11.5 // indirect github.com/go-resty/resty/v2 v2.1.1-0.20191201195748-d7b97669fe48 // indirect github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 // indirect github.com/go-zookeeper/zk v1.0.2 // indirect @@ -258,7 +260,7 @@ require ( github.com/nrdcg/namesilo v0.2.1 // indirect github.com/nrdcg/porkbun v0.1.1 // indirect github.com/nxadm/tail v1.4.8 // indirect - github.com/onsi/ginkgo v1.16.4 // indirect + github.com/onsi/ginkgo v1.16.5 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.0.2 // indirect github.com/opencontainers/runc v1.0.2 // indirect @@ -299,9 +301,9 @@ require ( github.com/xeipuuv/gojsonschema v1.2.0 // indirect go.elastic.co/apm/module/apmhttp v1.13.1 // indirect go.elastic.co/fastjson v1.1.0 // indirect - go.etcd.io/etcd/api/v3 v3.5.0 // indirect - go.etcd.io/etcd/client/pkg/v3 v3.5.0 // indirect - go.etcd.io/etcd/client/v3 v3.5.0 // indirect + go.etcd.io/etcd/api/v3 v3.5.4 // indirect + go.etcd.io/etcd/client/pkg/v3 v3.5.4 // indirect + go.etcd.io/etcd/client/v3 v3.5.4 // indirect go.opencensus.io v0.23.0 // indirect go.uber.org/atomic v1.7.0 // indirect go.uber.org/multierr v1.6.0 // indirect @@ -311,7 +313,7 @@ require ( golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 // indirect golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b // indirect golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect - golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a // indirect + golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e // indirect golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect google.golang.org/api v0.44.0 // indirect @@ -321,7 +323,6 @@ require ( gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.62.0 // indirect gopkg.in/ns1/ns1-go.v2 v2.6.2 // indirect - gopkg.in/redis.v5 v5.2.9 // indirect gopkg.in/square/go-jose.v2 v2.6.0 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect diff --git a/go.sum b/go.sum index f05106f2e..418785035 100644 --- a/go.sum +++ b/go.sum @@ -238,8 +238,8 @@ github.com/aws/aws-sdk-go v1.25.41/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpi github.com/aws/aws-sdk-go v1.27.0/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/aws/aws-sdk-go v1.34.9/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= github.com/aws/aws-sdk-go v1.34.28/go.mod h1:H7NKnBqNVzoTJpGfLrQkkD+ytBA93eiDYi/+8rV9s48= -github.com/aws/aws-sdk-go v1.39.0 h1:74BBwkEmiqBbi2CGflEh34l0YNtIibTjZsibGarkNjo= -github.com/aws/aws-sdk-go v1.39.0/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= +github.com/aws/aws-sdk-go v1.44.47 h1:uyiNvoR4wfZ8Bp4ghgbyzGFIg5knjZMUAd5S9ba9qNU= +github.com/aws/aws-sdk-go v1.44.47/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g= github.com/aws/aws-sdk-go-v2 v1.0.0/go.mod h1:smfAbmpW+tcRVuNUjo3MOArSZmW72t62rkCzc2i0TWM= github.com/aws/aws-sdk-go-v2/config v1.0.0/go.mod h1:WysE/OpUgE37tjtmtJd8GXgT8s1euilE5XtUkRNUQ1w= @@ -514,6 +514,7 @@ github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2 h1:tdlZCpZ/P9DhczCTSixgIKmwPv6+wP5DGjqLYw5SUiA= github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= +github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78= github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= github.com/digitalocean/godo v1.1.1/go.mod h1:h6faOIcZ8lWIwNQ+DN7b3CgX4Kwby5T+nbpNqkUIozU= @@ -719,6 +720,8 @@ github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn github.com/go-redis/redis v6.15.9+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA= github.com/go-redis/redis/v7 v7.1.0/go.mod h1:JDNMw23GTyLNC4GZu9njt15ctBQVn7xjRfnwdHj/Dcg= github.com/go-redis/redis/v8 v8.0.0/go.mod h1:isLoQT/NFSP7V67lyvM9GmdvLdyZ7pEhsXvvyQtnQTo= +github.com/go-redis/redis/v8 v8.11.5 h1:AcZZR7igkdvfVmQTPnu9WE37LRrO/YrBH5zWyjDC0oI= +github.com/go-redis/redis/v8 v8.11.5/go.mod h1:gREzHqY1hg6oD9ngVRbLStwAWKhA0FEgq8Jd4h5lpwo= github.com/go-resty/resty/v2 v2.1.1-0.20191201195748-d7b97669fe48 h1:JVrqSeQfdhYRFk24TvhTZWU0q8lfCojxZQFi3Ou7+uY= github.com/go-resty/resty/v2 v2.1.1-0.20191201195748-d7b97669fe48/go.mod h1:dZGr0i9PLlaaTD4H/hoZIDjQ+r6xq8mgbRzHZf7f2J8= github.com/go-sql-driver/mysql v1.3.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= @@ -1269,8 +1272,8 @@ github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/kvtools/valkeyrie v0.4.1 h1:S0lOF4OOmPFd1i37vHmgCVr7/2ygwL4grKbHT5vGQ6M= -github.com/kvtools/valkeyrie v0.4.1/go.mod h1:E34+bty7IqLoFkOqGD9AHDE4Bw4APJtoKmj0cqJJ7ug= +github.com/kvtools/valkeyrie v0.4.2-0.20220810161836-a9a70ee3f199 h1:SF+ZjtFyUPxkkCLYowtWzTeEMeziEKdW0Qhg9siq9b8= +github.com/kvtools/valkeyrie v0.4.2-0.20220810161836-a9a70ee3f199/go.mod h1:6gM2lOTGIFQxcIioo3/EEeOS0knFB8+AFKydVIN/nAU= github.com/kylelemons/go-gypsy v0.0.0-20160905020020-08cad365cd28/go.mod h1:T/T7jsxVqf9k/zYOqbgNAsANsjxTd1Yq3htjDhQ1H0c= github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= github.com/labbsr0x/bindman-dns-webhook v1.0.2 h1:I7ITbmQPAVwrDdhd6dHKi+MYJTJqPCK0jE6YNBAevnk= @@ -1520,8 +1523,9 @@ github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108 github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= github.com/onsi/ginkgo v1.14.1/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= github.com/onsi/ginkgo v1.16.2/go.mod h1:CObGmKUOKaSC0RjmoAK7tKyn4Azo5P2IWuoMnvwxz1E= -github.com/onsi/ginkgo v1.16.4 h1:29JGrr5oVBm5ulCWet69zQkzWipVXIol6ygQUe/EzNc= github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= +github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= +github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= github.com/onsi/ginkgo/v2 v2.0.0/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= @@ -1649,6 +1653,7 @@ github.com/prometheus/client_golang v1.3.0/go.mod h1:hJaj2vgQTGQmVCsAACORcieXFeD github.com/prometheus/client_golang v1.4.0/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU= github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= +github.com/prometheus/client_golang v1.11.1/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY= github.com/prometheus/client_golang v1.12.2-0.20220704083116-e8f91604d835 h1:sYuFGkrz0PtewSFk0Bg7p7jjiiklc6FUIWz+mFGQfD0= github.com/prometheus/client_golang v1.12.2-0.20220704083116-e8f91604d835/go.mod h1:RjnYTcBFM8s+WRft6oBqj4p5OgXJASPw5UFiI7w+GSs= @@ -2018,13 +2023,15 @@ go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg= go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg= -go.etcd.io/etcd/api/v3 v3.5.0 h1:GsV3S+OfZEOCNXdtNkBSR7kgLobAa/SO6tCxRa0GAYw= go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= -go.etcd.io/etcd/client/pkg/v3 v3.5.0 h1:2aQv6F436YnN7I4VbI8PPYrBhu+SmrTaADcf8Mi/6PU= +go.etcd.io/etcd/api/v3 v3.5.4 h1:OHVyt3TopwtUQ2GKdd5wu3PmmipR4FTwCqoEjSyRdIc= +go.etcd.io/etcd/api/v3 v3.5.4/go.mod h1:5GB2vv4A4AOn3yk7MftYGHkUfGtDHnEraIjym4dYz5A= go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= +go.etcd.io/etcd/client/pkg/v3 v3.5.4 h1:lrneYvz923dvC14R54XcA7FXoZ3mlGZAgmwhfm7HqOg= +go.etcd.io/etcd/client/pkg/v3 v3.5.4/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsXlzd7alYQ= -go.etcd.io/etcd/client/v3 v3.5.0 h1:62Eh0XOro+rDwkrypAGDfgmNh5Joq+z+W9HZdlXMzek= -go.etcd.io/etcd/client/v3 v3.5.0/go.mod h1:AIKXXVX/DQXtfTEqBryiLTUXwON+GuvO6Z7lLS/oTh0= +go.etcd.io/etcd/client/v3 v3.5.4 h1:p83BUL3tAYS0OT/r0qglgc3M1JjhM0diV8DSWAhVXv4= +go.etcd.io/etcd/client/v3 v3.5.4/go.mod h1:ZaRkVgBZC+L+dLCjTcF1hRXpgZXQPOvnA/Ak/gq3kiY= go.mongodb.org/mongo-driver v1.5.1/go.mod h1:gRXCHX4Jo7J0IJ1oDQyUxF7jfy19UfxniMS4xxMmUqw= go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= go.opencensus.io v0.18.0/go.mod h1:vKdFvxhtzZ9onBp9VKHK8z/sRpBMnKAsufL7wlDrCOA= @@ -2393,8 +2400,9 @@ golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a h1:dGzPydgVsqGcTRVwiLJ1jVbufYwmzD3LfVPLKsKg+0k= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e h1:CsOuNlbOuf0mzxJIefr6Q4uAUetRUwZE4qt7VfzP+xo= +golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= @@ -2708,8 +2716,6 @@ gopkg.in/ns1/ns1-go.v2 v2.6.2 h1:tC+gRSN6fmnb9l9cVrIysXyuRO0wV6cZrjDqlMB0gGc= gopkg.in/ns1/ns1-go.v2 v2.6.2/go.mod h1:GMnKY+ZuoJ+lVLL+78uSTjwTz2jMazq6AfGKQOYhsPk= gopkg.in/olivere/elastic.v3 v3.0.75/go.mod h1:yDEuSnrM51Pc8dM5ov7U8aI/ToR3PG0llA8aRv2qmw0= gopkg.in/olivere/elastic.v5 v5.0.84/go.mod h1:LXF6q9XNBxpMqrcgax95C6xyARXWbbCXUrtTxrNrxJI= -gopkg.in/redis.v5 v5.2.9 h1:MNZYOLPomQzZMfpN3ZtD1uyJ2IDonTTlxYiV/pEApiw= -gopkg.in/redis.v5 v5.2.9/go.mod h1:6gtv0/+A4iM08kdRfocWYB3bLX2tebpNtfKlFT6H4mY= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/square/go-jose.v2 v2.3.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= diff --git a/integration/consul_test.go b/integration/consul_test.go index 59c661a57..7037ab46c 100644 --- a/integration/consul_test.go +++ b/integration/consul_test.go @@ -2,6 +2,7 @@ package integration import ( "bytes" + "context" "encoding/json" "fmt" "net" @@ -36,6 +37,7 @@ func (s *ConsulSuite) setupStore(c *check.C) { consul.Register() kv, err := valkeyrie.NewStore( + context.Background(), store.CONSUL, []string{consulAddr}, &store.Config{ @@ -105,7 +107,7 @@ func (s *ConsulSuite) TestSimpleConfiguration(c *check.C) { } for k, v := range data { - err := s.kvClient.Put(k, []byte(v), nil) + err := s.kvClient.Put(context.Background(), k, []byte(v), nil) c.Assert(err, checker.IsNil) } diff --git a/integration/etcd_test.go b/integration/etcd_test.go index 3b7b2bca2..8f0630181 100644 --- a/integration/etcd_test.go +++ b/integration/etcd_test.go @@ -2,6 +2,7 @@ package integration import ( "bytes" + "context" "encoding/json" "net" "net/http" @@ -35,6 +36,7 @@ func (s *EtcdSuite) SetUpSuite(c *check.C) { var err error s.etcdAddr = net.JoinHostPort(s.getComposeServiceIP(c, "etcd"), "2379") s.kvClient, err = valkeyrie.NewStore( + context.Background(), store.ETCDV3, []string{s.etcdAddr}, &store.Config{ @@ -101,7 +103,7 @@ func (s *EtcdSuite) TestSimpleConfiguration(c *check.C) { } for k, v := range data { - err := s.kvClient.Put(k, []byte(v), nil) + err := s.kvClient.Put(context.Background(), k, []byte(v), nil) c.Assert(err, checker.IsNil) } diff --git a/integration/redis_test.go b/integration/redis_test.go index 520fefdf3..859d5498a 100644 --- a/integration/redis_test.go +++ b/integration/redis_test.go @@ -2,6 +2,7 @@ package integration import ( "bytes" + "context" "encoding/json" "net" "net/http" @@ -33,6 +34,7 @@ func (s *RedisSuite) setupStore(c *check.C) { s.redisAddr = net.JoinHostPort(s.getComposeServiceIP(c, "redis"), "6379") redis.Register() kv, err := valkeyrie.NewStore( + context.Background(), store.REDIS, []string{s.redisAddr}, &store.Config{ @@ -102,7 +104,7 @@ func (s *RedisSuite) TestSimpleConfiguration(c *check.C) { } for k, v := range data { - err := s.kvClient.Put(k, []byte(v), nil) + err := s.kvClient.Put(context.Background(), k, []byte(v), nil) c.Assert(err, checker.IsNil) } diff --git a/integration/try/condition.go b/integration/try/condition.go index 7325360a9..66c70a899 100644 --- a/integration/try/condition.go +++ b/integration/try/condition.go @@ -1,6 +1,7 @@ package try import ( + "context" "errors" "fmt" "io" @@ -185,7 +186,7 @@ type DoCondition func() error // Verify if a Key exists in the store. func KVExists(kv store.Store, key string) DoCondition { return func() error { - _, err := kv.Exists(key, nil) + _, err := kv.Exists(context.Background(), key, nil) return err } } diff --git a/integration/zk_test.go b/integration/zk_test.go index 77f904e2e..04ebbe5b2 100644 --- a/integration/zk_test.go +++ b/integration/zk_test.go @@ -2,6 +2,7 @@ package integration import ( "bytes" + "context" "encoding/json" "net" "net/http" @@ -36,6 +37,7 @@ func (s *ZookeeperSuite) setupStore(c *check.C) { var err error s.kvClient, err = valkeyrie.NewStore( + context.Background(), store.ZK, []string{s.zookeeperAddr}, &store.Config{ @@ -104,7 +106,7 @@ func (s *ZookeeperSuite) TestSimpleConfiguration(c *check.C) { } for k, v := range data { - err := s.kvClient.Put(k, []byte(v), nil) + err := s.kvClient.Put(context.Background(), k, []byte(v), nil) c.Assert(err, checker.IsNil) } diff --git a/pkg/provider/kv/kv.go b/pkg/provider/kv/kv.go index 173c49698..4ced1362a 100644 --- a/pkg/provider/kv/kv.go +++ b/pkg/provider/kv/kv.go @@ -67,7 +67,7 @@ func (p *Provider) Provide(configurationChan chan<- dynamic.Message, pool *safe. logger := log.FromContext(ctx) operation := func() error { - if _, err := p.kvClient.Exists(path.Join(p.RootKey, "qmslkjdfmqlskdjfmqlksjazçueznbvbwzlkajzebvkwjdcqmlsfj"), nil); err != nil { + if _, err := p.kvClient.Exists(ctx, path.Join(p.RootKey, "qmslkjdfmqlskdjfmqlksjazçueznbvbwzlkajzebvkwjdcqmlsfj"), nil); err != nil { return fmt.Errorf("KV store connection error: %w", err) } return nil @@ -76,12 +76,12 @@ func (p *Provider) Provide(configurationChan chan<- dynamic.Message, pool *safe. notify := func(err error, time time.Duration) { logger.Errorf("KV connection error: %+v, retrying in %s", err, time) } - err := backoff.RetryNotify(safe.OperationWithRecover(operation), job.NewBackOff(backoff.NewExponentialBackOff()), notify) + err := backoff.RetryNotify(safe.OperationWithRecover(operation), backoff.WithContext(job.NewBackOff(backoff.NewExponentialBackOff()), ctx), notify) if err != nil { return fmt.Errorf("cannot connect to KV server: %w", err) } - configuration, err := p.buildConfiguration() + configuration, err := p.buildConfiguration(ctx) if err != nil { logger.Errorf("Cannot build the configuration: %v", err) } else { @@ -105,7 +105,7 @@ func (p *Provider) Provide(configurationChan chan<- dynamic.Message, pool *safe. func (p *Provider) watchKv(ctx context.Context, configurationChan chan<- dynamic.Message) error { operation := func() error { - events, err := p.kvClient.WatchTree(p.RootKey, ctx.Done(), nil) + events, err := p.kvClient.WatchTree(ctx, p.RootKey, nil) if err != nil { return fmt.Errorf("failed to watch KV: %w", err) } @@ -119,7 +119,7 @@ func (p *Provider) watchKv(ctx context.Context, configurationChan chan<- dynamic return errors.New("the WatchTree channel is closed") } - configuration, errC := p.buildConfiguration() + configuration, errC := p.buildConfiguration(ctx) if errC != nil { return errC } @@ -146,8 +146,8 @@ func (p *Provider) watchKv(ctx context.Context, configurationChan chan<- dynamic return nil } -func (p *Provider) buildConfiguration() (*dynamic.Configuration, error) { - pairs, err := p.kvClient.List(p.RootKey, nil) +func (p *Provider) buildConfiguration(ctx context.Context) (*dynamic.Configuration, error) { + pairs, err := p.kvClient.List(ctx, p.RootKey, nil) if err != nil { return nil, err } @@ -190,7 +190,7 @@ func (p *Provider) createKVClient(ctx context.Context) (store.Store, error) { redis.Register() } - kvStore, err := valkeyrie.NewStore(p.storeType, p.Endpoints, storeConfig) + kvStore, err := valkeyrie.NewStore(ctx, p.storeType, p.Endpoints, storeConfig) if err != nil { return nil, err } diff --git a/pkg/provider/kv/kv_mock_test.go b/pkg/provider/kv/kv_mock_test.go index aa74f7c6f..14c45a6c8 100644 --- a/pkg/provider/kv/kv_mock_test.go +++ b/pkg/provider/kv/kv_mock_test.go @@ -1,6 +1,7 @@ package kv import ( + "context" "errors" "strings" @@ -41,11 +42,11 @@ func newKvClientMock(kvPairs []*store.KVPair, err error) *Mock { return mock } -func (s *Mock) Put(key string, value []byte, opts *store.WriteOptions) error { +func (s *Mock) Put(ctx context.Context, key string, value []byte, opts *store.WriteOptions) error { return errors.New("method Put not supported") } -func (s *Mock) Get(key string, options *store.ReadOptions) (*store.KVPair, error) { +func (s *Mock) Get(ctx context.Context, key string, options *store.ReadOptions) (*store.KVPair, error) { if err := s.Error.Get; err != nil { return nil, err } @@ -57,12 +58,12 @@ func (s *Mock) Get(key string, options *store.ReadOptions) (*store.KVPair, error return nil, store.ErrKeyNotFound } -func (s *Mock) Delete(key string) error { +func (s *Mock) Delete(ctx context.Context, key string) error { return errors.New("method Delete not supported") } // Exists mock. -func (s *Mock) Exists(key string, options *store.ReadOptions) (bool, error) { +func (s *Mock) Exists(ctx context.Context, key string, options *store.ReadOptions) (bool, error) { if err := s.Error.Get; err != nil { return false, err } @@ -75,22 +76,22 @@ func (s *Mock) Exists(key string, options *store.ReadOptions) (bool, error) { } // Watch mock. -func (s *Mock) Watch(key string, stopCh <-chan struct{}, options *store.ReadOptions) (<-chan *store.KVPair, error) { +func (s *Mock) Watch(ctx context.Context, key string, options *store.ReadOptions) (<-chan *store.KVPair, error) { return nil, errors.New("method Watch not supported") } // WatchTree mock. -func (s *Mock) WatchTree(prefix string, stopCh <-chan struct{}, options *store.ReadOptions) (<-chan []*store.KVPair, error) { +func (s *Mock) WatchTree(ctx context.Context, prefix string, options *store.ReadOptions) (<-chan []*store.KVPair, error) { return s.WatchTreeMethod(), nil } // NewLock mock. -func (s *Mock) NewLock(key string, options *store.LockOptions) (store.Locker, error) { +func (s *Mock) NewLock(ctx context.Context, key string, options *store.LockOptions) (store.Locker, error) { return nil, errors.New("method NewLock not supported") } // List mock. -func (s *Mock) List(prefix string, options *store.ReadOptions) ([]*store.KVPair, error) { +func (s *Mock) List(ctx context.Context, prefix string, options *store.ReadOptions) ([]*store.KVPair, error) { if err := s.Error.List; err != nil { return nil, err } @@ -104,19 +105,21 @@ func (s *Mock) List(prefix string, options *store.ReadOptions) ([]*store.KVPair, } // DeleteTree mock. -func (s *Mock) DeleteTree(prefix string) error { +func (s *Mock) DeleteTree(ctx context.Context, prefix string) error { return errors.New("method DeleteTree not supported") } // AtomicPut mock. -func (s *Mock) AtomicPut(key string, value []byte, previous *store.KVPair, opts *store.WriteOptions) (bool, *store.KVPair, error) { +func (s *Mock) AtomicPut(ctx context.Context, key string, value []byte, previous *store.KVPair, opts *store.WriteOptions) (bool, *store.KVPair, error) { return false, nil, errors.New("method AtomicPut not supported") } // AtomicDelete mock. -func (s *Mock) AtomicDelete(key string, previous *store.KVPair) (bool, error) { +func (s *Mock) AtomicDelete(ctx context.Context, key string, previous *store.KVPair) (bool, error) { return false, errors.New("method AtomicDelete not supported") } // Close mock. -func (s *Mock) Close() {} +func (s *Mock) Close() error { + return nil +} diff --git a/pkg/provider/kv/kv_test.go b/pkg/provider/kv/kv_test.go index a7097755f..535a48bab 100644 --- a/pkg/provider/kv/kv_test.go +++ b/pkg/provider/kv/kv_test.go @@ -283,7 +283,7 @@ func Test_buildConfiguration(t *testing.T) { "traefik/tls/certificates/1/stores/1": "foobar", })) - cfg, err := provider.buildConfiguration() + cfg, err := provider.buildConfiguration(context.Background()) require.NoError(t, err) expected := &dynamic.Configuration{ @@ -929,7 +929,7 @@ func Test_buildConfiguration_KV_error(t *testing.T) { }, } - cfg, err := provider.buildConfiguration() + cfg, err := provider.buildConfiguration(context.Background()) require.Error(t, err) assert.Nil(t, cfg) } diff --git a/pkg/provider/kv/storewrapper.go b/pkg/provider/kv/storewrapper.go index 7f46c878c..2a7b9aad7 100644 --- a/pkg/provider/kv/storewrapper.go +++ b/pkg/provider/kv/storewrapper.go @@ -1,6 +1,8 @@ package kv import ( + "context" + "github.com/kvtools/valkeyrie/store" "github.com/traefik/traefik/v2/pkg/log" ) @@ -9,110 +11,110 @@ type storeWrapper struct { store.Store } -func (s *storeWrapper) Put(key string, value []byte, options *store.WriteOptions) error { +func (s *storeWrapper) Put(ctx context.Context, key string, value []byte, options *store.WriteOptions) error { log.WithoutContext().Debugf("Put: %s", key, string(value)) if s.Store == nil { return nil } - return s.Store.Put(key, value, options) + return s.Store.Put(ctx, key, value, options) } -func (s *storeWrapper) Get(key string, options *store.ReadOptions) (*store.KVPair, error) { +func (s *storeWrapper) Get(ctx context.Context, key string, options *store.ReadOptions) (*store.KVPair, error) { log.WithoutContext().Debugf("Get: %s", key) if s.Store == nil { return nil, nil } - return s.Store.Get(key, options) + return s.Store.Get(ctx, key, options) } -func (s *storeWrapper) Delete(key string) error { +func (s *storeWrapper) Delete(ctx context.Context, key string) error { log.WithoutContext().Debugf("Delete: %s", key) if s.Store == nil { return nil } - return s.Store.Delete(key) + return s.Store.Delete(ctx, key) } -func (s *storeWrapper) Exists(key string, options *store.ReadOptions) (bool, error) { +func (s *storeWrapper) Exists(ctx context.Context, key string, options *store.ReadOptions) (bool, error) { log.WithoutContext().Debugf("Exists: %s", key) if s.Store == nil { return true, nil } - return s.Store.Exists(key, options) + return s.Store.Exists(ctx, key, options) } -func (s *storeWrapper) Watch(key string, stopCh <-chan struct{}, options *store.ReadOptions) (<-chan *store.KVPair, error) { +func (s *storeWrapper) Watch(ctx context.Context, key string, options *store.ReadOptions) (<-chan *store.KVPair, error) { log.WithoutContext().Debugf("Watch: %s", key) if s.Store == nil { return nil, nil } - return s.Store.Watch(key, stopCh, options) + return s.Store.Watch(ctx, key, options) } -func (s *storeWrapper) WatchTree(directory string, stopCh <-chan struct{}, options *store.ReadOptions) (<-chan []*store.KVPair, error) { +func (s *storeWrapper) WatchTree(ctx context.Context, directory string, options *store.ReadOptions) (<-chan []*store.KVPair, error) { log.WithoutContext().Debugf("WatchTree: %s", directory) if s.Store == nil { return nil, nil } - return s.Store.WatchTree(directory, stopCh, options) + return s.Store.WatchTree(ctx, directory, options) } -func (s *storeWrapper) NewLock(key string, options *store.LockOptions) (store.Locker, error) { +func (s *storeWrapper) NewLock(ctx context.Context, key string, options *store.LockOptions) (store.Locker, error) { log.WithoutContext().Debugf("NewLock: %s", key) if s.Store == nil { return nil, nil } - return s.Store.NewLock(key, options) + return s.Store.NewLock(ctx, key, options) } -func (s *storeWrapper) List(directory string, options *store.ReadOptions) ([]*store.KVPair, error) { +func (s *storeWrapper) List(ctx context.Context, directory string, options *store.ReadOptions) ([]*store.KVPair, error) { log.WithoutContext().Debugf("List: %s", directory) if s.Store == nil { return nil, nil } - return s.Store.List(directory, options) + return s.Store.List(ctx, directory, options) } -func (s *storeWrapper) DeleteTree(directory string) error { +func (s *storeWrapper) DeleteTree(ctx context.Context, directory string) error { log.WithoutContext().Debugf("DeleteTree: %s", directory) if s.Store == nil { return nil } - return s.Store.DeleteTree(directory) + return s.Store.DeleteTree(ctx, directory) } -func (s *storeWrapper) AtomicPut(key string, value []byte, previous *store.KVPair, options *store.WriteOptions) (bool, *store.KVPair, error) { +func (s *storeWrapper) AtomicPut(ctx context.Context, key string, value []byte, previous *store.KVPair, options *store.WriteOptions) (bool, *store.KVPair, error) { log.WithoutContext().Debugf("AtomicPut: %s", key, string(value), previous) if s.Store == nil { return true, nil, nil } - return s.Store.AtomicPut(key, value, previous, options) + return s.Store.AtomicPut(ctx, key, value, previous, options) } -func (s *storeWrapper) AtomicDelete(key string, previous *store.KVPair) (bool, error) { +func (s *storeWrapper) AtomicDelete(ctx context.Context, key string, previous *store.KVPair) (bool, error) { log.WithoutContext().Debugf("AtomicDelete: %s", key, previous) if s.Store == nil { return true, nil } - return s.Store.AtomicDelete(key, previous) + return s.Store.AtomicDelete(ctx, key, previous) } -func (s *storeWrapper) Close() { +func (s *storeWrapper) Close() error { log.WithoutContext().Debugf("Close") if s.Store == nil { - return + return nil } - s.Store.Close() + return s.Store.Close() } From 63f9ec9c385b6201ed2688edb8736d0bffd27d6c Mon Sep 17 00:00:00 2001 From: Romain Date: Thu, 11 Aug 2022 16:20:14 +0200 Subject: [PATCH 08/15] Remove request dump from IPWhitelist debug log and tracing message --- pkg/middlewares/ipwhitelist/ip_whitelist.go | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/pkg/middlewares/ipwhitelist/ip_whitelist.go b/pkg/middlewares/ipwhitelist/ip_whitelist.go index 1f5745524..dde042b42 100644 --- a/pkg/middlewares/ipwhitelist/ip_whitelist.go +++ b/pkg/middlewares/ipwhitelist/ip_whitelist.go @@ -63,15 +63,16 @@ func (wl *ipWhiteLister) ServeHTTP(rw http.ResponseWriter, req *http.Request) { ctx := middlewares.GetLoggerCtx(req.Context(), wl.name, typeName) logger := log.FromContext(ctx) - err := wl.whiteLister.IsAuthorized(wl.strategy.GetIP(req)) + clientIP := wl.strategy.GetIP(req) + err := wl.whiteLister.IsAuthorized(clientIP) if err != nil { - logMessage := fmt.Sprintf("rejecting request %+v: %v", req, err) - logger.Debug(logMessage) - tracing.SetErrorWithEvent(req, logMessage) + msg := fmt.Sprintf("Rejecting IP %s: %v", clientIP, err) + logger.Debug(msg) + tracing.SetErrorWithEvent(req, msg) reject(ctx, rw) return } - logger.Debugf("Accept %s: %+v", wl.strategy.GetIP(req), req) + logger.Debugf("Accepting IP %s", clientIP) wl.next.ServeHTTP(rw, req) } From 23c26d64eeb72eaecaecedc31ca740e83304fde2 Mon Sep 17 00:00:00 2001 From: Romain Date: Thu, 11 Aug 2022 16:50:10 +0200 Subject: [PATCH 09/15] Prepare release v2.8.2 --- CHANGELOG.md | 20 ++++++++++++++++++++ script/gcg/traefik-bugfix.toml | 6 +++--- 2 files changed, 23 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 49a1ec9a9..eb6efcd46 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,23 @@ +## [v2.8.2](https://github.com/traefik/traefik/tree/v2.8.2) (2022-08-11) +[All Commits](https://github.com/traefik/traefik/compare/v2.8.1...v2.8.2) + +**Bug fixes:** +- **[k8s/ingress,k8s]** Place namespace before name in router key for Ingress ([#9221](https://github.com/traefik/traefik/pull/9221) by [longshine](https://github.com/longshine)) +- **[kv]** Update valkeyrie to a9a70ee ([#9243](https://github.com/traefik/traefik/pull/9243) by [kevinpollet](https://github.com/kevinpollet)) +- **[logs,middleware,tracing]** Remove request dump from IPWhitelist debug log and tracing message ([#9244](https://github.com/traefik/traefik/pull/9244) by [rtribotte](https://github.com/rtribotte)) +- **[metrics]** Control allocation and copy of labelNamesValues type ([#9241](https://github.com/traefik/traefik/pull/9241) by [rtribotte](https://github.com/rtribotte)) +- **[metrics]** Fix service up gauge for Prometheus metrics ([#9197](https://github.com/traefik/traefik/pull/9197) by [juliens](https://github.com/juliens)) +- **[plugins]** Bump paerser to v0.1.6 ([#9224](https://github.com/traefik/traefik/pull/9224) by [ldez](https://github.com/ldez)) +- **[yaml]** Add missing inline tag for YAML serialization ([#9182](https://github.com/traefik/traefik/pull/9182) by [kevinpollet](https://github.com/kevinpollet)) + +**Documentation:** +- **[k8s]** Fix wording of default behavior for namespaces option ([#9222](https://github.com/traefik/traefik/pull/9222) by [markormesher](https://github.com/markormesher)) +- **[k8s]** Add getting started guide for Kubernetes ([#9163](https://github.com/traefik/traefik/pull/9163) by [moutoum](https://github.com/moutoum)) +- **[plugins]** Remove Traefik Pilot and add a Traefik Plugins Catalog page ([#9171](https://github.com/traefik/traefik/pull/9171) by [sdelicata](https://github.com/sdelicata)) +- Update Thank You page with proper branding and grammar fixes ([#9203](https://github.com/traefik/traefik/pull/9203) by [tfny](https://github.com/tfny)) +- Update CONTRIBUTING.md to contain all information in one place ([#9192](https://github.com/traefik/traefik/pull/9192) by [tfny](https://github.com/tfny)) +- Update the PR guidelines in Contributing docs ([#9179](https://github.com/traefik/traefik/pull/9179) by [tfny](https://github.com/tfny)) + ## [v2.8.1](https://github.com/traefik/traefik/tree/v2.8.1) (2022-07-11) [All Commits](https://github.com/traefik/traefik/compare/v2.8.0...v2.8.1) diff --git a/script/gcg/traefik-bugfix.toml b/script/gcg/traefik-bugfix.toml index 3a2af099d..5aa6ba937 100644 --- a/script/gcg/traefik-bugfix.toml +++ b/script/gcg/traefik-bugfix.toml @@ -4,11 +4,11 @@ RepositoryName = "traefik" OutputType = "file" FileName = "traefik_changelog.md" -# example new bugfix v2.8.1 +# example new bugfix v2.8.2 CurrentRef = "v2.8" -PreviousRef = "v2.8.0" +PreviousRef = "v2.8.1" BaseBranch = "v2.8" -FutureCurrentRefName = "v2.8.1" +FutureCurrentRefName = "v2.8.2" ThresholdPreviousRef = 10 ThresholdCurrentRef = 10 From 868ab7a5c8bfc4360eb7fc9fca21920dee69cef5 Mon Sep 17 00:00:00 2001 From: Ludovic Fernandez Date: Fri, 12 Aug 2022 09:48:07 +0200 Subject: [PATCH 10/15] fix: update paerser to v0.1.7 --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 0e7ce8eed..1e4a121c0 100644 --- a/go.mod +++ b/go.mod @@ -55,7 +55,7 @@ require ( github.com/sirupsen/logrus v1.8.1 github.com/stretchr/testify v1.8.0 github.com/stvp/go-udp-testing v0.0.0-20191102171040-06b61409b154 - github.com/traefik/paerser v0.1.6 + github.com/traefik/paerser v0.1.7 github.com/traefik/yaegi v0.14.1 github.com/uber/jaeger-client-go v2.30.0+incompatible github.com/uber/jaeger-lib v2.2.0+incompatible diff --git a/go.sum b/go.sum index 418785035..94e8b2c1e 100644 --- a/go.sum +++ b/go.sum @@ -1903,8 +1903,8 @@ github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea h1:SXhTLE6pb6eld/ github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea/go.mod h1:WPnis/6cRcDZSUvVmezrxJPkiO87ThFYsoUiMwWNDJk= github.com/tonistiigi/vt100 v0.0.0-20190402012908-ad4c4a574305 h1:y/1cL5AL2oRcfzz8CAHHhR6kDDfIOT0WEyH5k40sccM= github.com/tonistiigi/vt100 v0.0.0-20190402012908-ad4c4a574305/go.mod h1:gXOLibKqQTRAVuVZ9gX7G9Ykky8ll8yb4slxsEMoY0c= -github.com/traefik/paerser v0.1.6 h1:UqqAW0M3r+aF7DibUVwO1PiZ8cXLsUkpFv5hhxPCscA= -github.com/traefik/paerser v0.1.6/go.mod h1:Dk3Bfz6Zyj13/S8pJyRdx/FNvXlsVRVbtp0UK4ZSiA0= +github.com/traefik/paerser v0.1.7 h1:xy84brL05/DMoff+KhY2ucq9+D3rnN9MH+3WtlmvvKU= +github.com/traefik/paerser v0.1.7/go.mod h1:Dk3Bfz6Zyj13/S8pJyRdx/FNvXlsVRVbtp0UK4ZSiA0= github.com/traefik/yaegi v0.14.1 h1:t0ssyzeZCWTFGd/JnVuDxH/slMQfYg+2CDD4dLW/rU0= github.com/traefik/yaegi v0.14.1/go.mod h1:AVRxhaI2G+nUsaM1zyktzwXn69G3t/AuTDrCiTds9p0= github.com/transip/gotransip/v6 v6.6.1 h1:nsCU1ErZS5G0FeOpgGXc4FsWvBff9GPswSMggsC4564= From 6dd63e17020bc449e0db80afd97d2bc9b13bcb52 Mon Sep 17 00:00:00 2001 From: Romain Date: Fri, 12 Aug 2022 10:44:08 +0200 Subject: [PATCH 11/15] Add missing context in backoff for Marathon --- pkg/provider/marathon/marathon.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/provider/marathon/marathon.go b/pkg/provider/marathon/marathon.go index b15bb5f2a..aab469785 100644 --- a/pkg/provider/marathon/marathon.go +++ b/pkg/provider/marathon/marathon.go @@ -192,7 +192,7 @@ func (p *Provider) Provide(configurationChan chan<- dynamic.Message, pool *safe. notify := func(err error, time time.Duration) { logger.Errorf("Provider connection error %+v, retrying in %s", err, time) } - err := backoff.RetryNotify(safe.OperationWithRecover(operation), job.NewBackOff(backoff.NewExponentialBackOff()), notify) + err := backoff.RetryNotify(safe.OperationWithRecover(operation), backoff.WithContext(job.NewBackOff(backoff.NewExponentialBackOff()), ctx), notify) if err != nil { logger.Errorf("Cannot connect to Provider server: %+v", err) } From a5530856897e5ce6571991e7a5e66b82de4b705e Mon Sep 17 00:00:00 2001 From: Ludovic Fernandez Date: Fri, 12 Aug 2022 11:42:10 +0200 Subject: [PATCH 12/15] Add migration guide for v2.8.3 --- docs/content/migration/v2.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/docs/content/migration/v2.md b/docs/content/migration/v2.md index 03c7eec49..73e58aba6 100644 --- a/docs/content/migration/v2.md +++ b/docs/content/migration/v2.md @@ -480,3 +480,14 @@ Since `v2.5.0`, the `PreferServerCipherSuites` is [deprecated and ignored](https in `v2.8.2` the `preferServerCipherSuites` option is also deprecated and ignored in Traefik. In `v2.8.2`, Traefik now reject certificates signed with the SHA-1 hash function. ([details](https://tip.golang.org/doc/go1.18#sha1)) + +## v2.8.3 + +Since `v2.8.2`, when using the [file provider](https://doc.traefik.io/traefik/v2.8/providers/file/), +malformed options of the [dynamic configuration](https://doc.traefik.io/traefik/v2.8/getting-started/configuration-overview/#the-dynamic-configuration) are detected. +If a string is used as a value for a list/array in a configuration file an error is raised. + +In `v2.8.2`, the malformed dynamic configuration produced a panic, which is now reported as an error in `v2.8.3`. + +If you are using the [file provider](https://doc.traefik.io/traefik/v2.8/providers/file/) to define the dynamic configuration, +we recommend using a [JSON Schema](https://www.schemastore.org/json/) to validate the configuration before upgrading to a version higher than `v2.8.1`. From 2cac58d9c0a76fc26d079d203ec1607a16b2ec6e Mon Sep 17 00:00:00 2001 From: Ludovic Fernandez Date: Fri, 12 Aug 2022 16:08:07 +0200 Subject: [PATCH 13/15] Update paeser to v0.1.8 --- docs/content/migration/v2.md | 11 ----------- go.mod | 2 +- go.sum | 4 ++-- 3 files changed, 3 insertions(+), 14 deletions(-) diff --git a/docs/content/migration/v2.md b/docs/content/migration/v2.md index 73e58aba6..03c7eec49 100644 --- a/docs/content/migration/v2.md +++ b/docs/content/migration/v2.md @@ -480,14 +480,3 @@ Since `v2.5.0`, the `PreferServerCipherSuites` is [deprecated and ignored](https in `v2.8.2` the `preferServerCipherSuites` option is also deprecated and ignored in Traefik. In `v2.8.2`, Traefik now reject certificates signed with the SHA-1 hash function. ([details](https://tip.golang.org/doc/go1.18#sha1)) - -## v2.8.3 - -Since `v2.8.2`, when using the [file provider](https://doc.traefik.io/traefik/v2.8/providers/file/), -malformed options of the [dynamic configuration](https://doc.traefik.io/traefik/v2.8/getting-started/configuration-overview/#the-dynamic-configuration) are detected. -If a string is used as a value for a list/array in a configuration file an error is raised. - -In `v2.8.2`, the malformed dynamic configuration produced a panic, which is now reported as an error in `v2.8.3`. - -If you are using the [file provider](https://doc.traefik.io/traefik/v2.8/providers/file/) to define the dynamic configuration, -we recommend using a [JSON Schema](https://www.schemastore.org/json/) to validate the configuration before upgrading to a version higher than `v2.8.1`. diff --git a/go.mod b/go.mod index 1e4a121c0..98b128bb0 100644 --- a/go.mod +++ b/go.mod @@ -55,7 +55,7 @@ require ( github.com/sirupsen/logrus v1.8.1 github.com/stretchr/testify v1.8.0 github.com/stvp/go-udp-testing v0.0.0-20191102171040-06b61409b154 - github.com/traefik/paerser v0.1.7 + github.com/traefik/paerser v0.1.8 github.com/traefik/yaegi v0.14.1 github.com/uber/jaeger-client-go v2.30.0+incompatible github.com/uber/jaeger-lib v2.2.0+incompatible diff --git a/go.sum b/go.sum index 94e8b2c1e..31044ce79 100644 --- a/go.sum +++ b/go.sum @@ -1903,8 +1903,8 @@ github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea h1:SXhTLE6pb6eld/ github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea/go.mod h1:WPnis/6cRcDZSUvVmezrxJPkiO87ThFYsoUiMwWNDJk= github.com/tonistiigi/vt100 v0.0.0-20190402012908-ad4c4a574305 h1:y/1cL5AL2oRcfzz8CAHHhR6kDDfIOT0WEyH5k40sccM= github.com/tonistiigi/vt100 v0.0.0-20190402012908-ad4c4a574305/go.mod h1:gXOLibKqQTRAVuVZ9gX7G9Ykky8ll8yb4slxsEMoY0c= -github.com/traefik/paerser v0.1.7 h1:xy84brL05/DMoff+KhY2ucq9+D3rnN9MH+3WtlmvvKU= -github.com/traefik/paerser v0.1.7/go.mod h1:Dk3Bfz6Zyj13/S8pJyRdx/FNvXlsVRVbtp0UK4ZSiA0= +github.com/traefik/paerser v0.1.8 h1:DmX/v9KwWAFvRr5A/XQzLLfd1BSWgh710q+dZJmjZ+c= +github.com/traefik/paerser v0.1.8/go.mod h1:Dk3Bfz6Zyj13/S8pJyRdx/FNvXlsVRVbtp0UK4ZSiA0= github.com/traefik/yaegi v0.14.1 h1:t0ssyzeZCWTFGd/JnVuDxH/slMQfYg+2CDD4dLW/rU0= github.com/traefik/yaegi v0.14.1/go.mod h1:AVRxhaI2G+nUsaM1zyktzwXn69G3t/AuTDrCiTds9p0= github.com/transip/gotransip/v6 v6.6.1 h1:nsCU1ErZS5G0FeOpgGXc4FsWvBff9GPswSMggsC4564= From b3f4f6bb21ba31b93fde72888f06564c53b02b93 Mon Sep 17 00:00:00 2001 From: Kevin Pollet Date: Fri, 12 Aug 2022 16:19:31 +0200 Subject: [PATCH 14/15] Prepare release v2.8.3 --- CHANGELOG.md | 7 +++++++ script/gcg/traefik-bugfix.toml | 6 +++--- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index eb6efcd46..8ac20acdc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +## [v2.8.3](https://github.com/traefik/traefik/tree/v2.8.3) (2022-08-12) +[All Commits](https://github.com/traefik/traefik/compare/v2.8.2...v2.8.3) + +**Bug fixes:** +- **[file]** Update paerser to v0.1.8 ([#9258](https://github.com/traefik/traefik/pull/9258) by [ldez](https://github.com/ldez)) +- **[marathon]** Add missing context in backoff for Marathon ([#9246](https://github.com/traefik/traefik/pull/9246) by [rtribotte](https://github.com/rtribotte)) + ## [v2.8.2](https://github.com/traefik/traefik/tree/v2.8.2) (2022-08-11) [All Commits](https://github.com/traefik/traefik/compare/v2.8.1...v2.8.2) diff --git a/script/gcg/traefik-bugfix.toml b/script/gcg/traefik-bugfix.toml index 5aa6ba937..f6a9dda54 100644 --- a/script/gcg/traefik-bugfix.toml +++ b/script/gcg/traefik-bugfix.toml @@ -4,11 +4,11 @@ RepositoryName = "traefik" OutputType = "file" FileName = "traefik_changelog.md" -# example new bugfix v2.8.2 +# example new bugfix v2.8.3 CurrentRef = "v2.8" -PreviousRef = "v2.8.1" +PreviousRef = "v2.8.2" BaseBranch = "v2.8" -FutureCurrentRefName = "v2.8.2" +FutureCurrentRefName = "v2.8.3" ThresholdPreviousRef = 10 ThresholdCurrentRef = 10 From 9c02612f65ae4a8b978b82bd39cfa7439ae24d8d Mon Sep 17 00:00:00 2001 From: Tom Moulard Date: Thu, 18 Aug 2022 11:24:08 +0200 Subject: [PATCH 15/15] Update codegen docker image to golang:1.19 --- .../clientset/versioned/fake/register.go | 14 +++++++------- .../clientset/versioned/scheme/register.go | 14 +++++++------- script/codegen.Dockerfile | 18 +++++++++--------- 3 files changed, 23 insertions(+), 23 deletions(-) diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake/register.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake/register.go index eab6b27df..3ab7c4b73 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake/register.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/fake/register.go @@ -45,14 +45,14 @@ var localSchemeBuilder = runtime.SchemeBuilder{ // AddToScheme adds all types of this clientset into the given scheme. This allows composition // of clientsets, like in: // -// import ( -// "k8s.io/client-go/kubernetes" -// clientsetscheme "k8s.io/client-go/kubernetes/scheme" -// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" -// ) +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) // -// kclientset, _ := kubernetes.NewForConfig(c) -// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) // // After this, RawExtensions in Kubernetes types will serialize kube-aggregator types // correctly. diff --git a/pkg/provider/kubernetes/crd/generated/clientset/versioned/scheme/register.go b/pkg/provider/kubernetes/crd/generated/clientset/versioned/scheme/register.go index 18b5e7680..55a7726a9 100644 --- a/pkg/provider/kubernetes/crd/generated/clientset/versioned/scheme/register.go +++ b/pkg/provider/kubernetes/crd/generated/clientset/versioned/scheme/register.go @@ -45,14 +45,14 @@ var localSchemeBuilder = runtime.SchemeBuilder{ // AddToScheme adds all types of this clientset into the given scheme. This allows composition // of clientsets, like in: // -// import ( -// "k8s.io/client-go/kubernetes" -// clientsetscheme "k8s.io/client-go/kubernetes/scheme" -// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" -// ) +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) // -// kclientset, _ := kubernetes.NewForConfig(c) -// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) // // After this, RawExtensions in Kubernetes types will serialize kube-aggregator types // correctly. diff --git a/script/codegen.Dockerfile b/script/codegen.Dockerfile index 6f6bafe03..ac2815fb5 100644 --- a/script/codegen.Dockerfile +++ b/script/codegen.Dockerfile @@ -1,5 +1,4 @@ -# TODO rewrite this to be able to use go1.19. -FROM golang:1.17 +FROM golang:1.19 ARG USER=$USER ARG UID=$UID @@ -9,14 +8,15 @@ USER ${UID}:${GID} ARG KUBE_VERSION -RUN go get k8s.io/code-generator@$KUBE_VERSION; exit 0 -RUN go get k8s.io/apimachinery@$KUBE_VERSION; exit 0 -RUN go get k8s.io/code-generator/cmd/deepcopy-gen@$KUBE_VERSION; exit 0 -RUN go get sigs.k8s.io/controller-tools/cmd/controller-gen@v0.6.2; exit 0 +RUN go install k8s.io/code-generator/cmd/defaulter-gen@$KUBE_VERSION +RUN go install k8s.io/code-generator/cmd/client-gen@$KUBE_VERSION +RUN go install k8s.io/code-generator/cmd/lister-gen@$KUBE_VERSION +RUN go install k8s.io/code-generator/cmd/informer-gen@$KUBE_VERSION +RUN go install k8s.io/code-generator/cmd/deepcopy-gen@$KUBE_VERSION +RUN go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.6.2 -RUN mkdir -p $GOPATH/src/k8s.io/{code-generator,apimachinery} -RUN cp -R $GOPATH/pkg/mod/k8s.io/code-generator@$KUBE_VERSION $GOPATH/src/k8s.io/code-generator -RUN cp -R $GOPATH/pkg/mod/k8s.io/apimachinery@$KUBE_VERSION $GOPATH/src/k8s.io/apimachinery +RUN mkdir -p $GOPATH/src/k8s.io/code-generator +RUN cp -R $GOPATH/pkg/mod/k8s.io/code-generator@$KUBE_VERSION/* $GOPATH/src/k8s.io/code-generator/ RUN chmod +x $GOPATH/src/k8s.io/code-generator/generate-groups.sh WORKDIR $GOPATH/src/k8s.io/code-generator