diff --git a/LICENSES b/LICENSES index 137f4974..d27cf6dd 100644 --- a/LICENSES +++ b/LICENSES @@ -61,6 +61,7 @@ github.com/go418/concurrentcache,Apache-2.0 github.com/go418/concurrentcache/logger,Apache-2.0 github.com/gogo/protobuf,BSD-3-Clause github.com/golang-jwt/jwt/v4,MIT +github.com/golang-jwt/jwt/v5,MIT github.com/google/btree,Apache-2.0 github.com/google/cel-go,Apache-2.0 github.com/google/cel-go,BSD-3-Clause diff --git a/deploy/charts/venafi-kubernetes-agent/crd_bases/jetstack.io_venaficonnections.yaml b/deploy/charts/venafi-kubernetes-agent/crd_bases/jetstack.io_venaficonnections.yaml index 2321284a..962e44fb 100644 --- a/deploy/charts/venafi-kubernetes-agent/crd_bases/jetstack.io_venaficonnections.yaml +++ b/deploy/charts/venafi-kubernetes-agent/crd_bases/jetstack.io_venaficonnections.yaml @@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.18.0 + controller-gen.kubebuilder.io/version: v0.19.0 name: venaficonnections.jetstack.io spec: group: jetstack.io @@ -261,7 +261,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. @@ -273,13 +273,13 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: description: TenantID is the tenant ID used to authenticate - with VCP. + with Certificate Manager, SaaS. type: string type: object type: object 
@@ -293,7 +293,8 @@ spec: type: array x-kubernetes-list-type: atomic url: - description: The URL to connect to the Venafi Firefly instance. + description: The URL to connect to the Workload Identity Manager + instance. type: string required: - url @@ -463,7 +464,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. @@ -475,13 +476,13 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: description: TenantID is the tenant ID used to authenticate - with VCP. + with Certificate Manager, SaaS. type: string type: object type: object @@ -496,7 +497,7 @@ spec: x-kubernetes-list-type: atomic url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by venafi-connection-lib. @@ -511,7 +512,7 @@ spec: accessToken: description: |- The list of steps to retrieve the Access Token that will be used to connect - to VCP. + to Certificate Manager, SaaS. items: properties: hashicorpVaultLDAP: 
@@ -673,7 +674,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. @@ -685,13 +686,13 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: description: TenantID is the tenant ID used to authenticate - with VCP. + with Certificate Manager, SaaS. type: string type: object type: object @@ -707,7 +708,7 @@ spec: apiKey: description: |- The list of steps to retrieve the API key that will be used to connect to - VCP. + Certificate Manager, SaaS. items: properties: hashicorpVaultLDAP: @@ -869,7 +870,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. 
@@ -881,13 +882,13 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: description: TenantID is the tenant ID used to authenticate - with VCP. + with Certificate Manager, SaaS. type: string type: object type: object @@ -902,7 +903,7 @@ spec: x-kubernetes-list-type: atomic url: description: |- - The URL to connect to the Venafi VCP instance. If not set, the default + The URL to connect to the Certificate Manager, SaaS instance. If not set, the default value https://api.venafi.cloud is used. type: string type: object @@ -916,7 +917,7 @@ spec: accessToken: description: |- The list of steps to retrieve the Access Token that will be used to connect - to VCP. + to Certificate Manager, SaaS. items: properties: hashicorpVaultLDAP: @@ -1078,7 +1079,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. @@ -1090,13 +1091,13 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: description: TenantID is the tenant ID used to authenticate - with VCP. + with Certificate Manager, SaaS. type: string type: object type: object 
@@ -1112,7 +1113,7 @@ spec: apiKey: description: |- The list of steps to retrieve the API key that will be used to connect to - VCP. + Certificate Manager, SaaS. items: properties: hashicorpVaultLDAP: @@ -1274,7 +1275,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. @@ -1286,13 +1287,13 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: description: TenantID is the tenant ID used to authenticate - with VCP. + with Certificate Manager, SaaS. type: string type: object type: object @@ -1307,7 +1308,7 @@ spec: x-kubernetes-list-type: atomic url: description: |- - The URL to connect to the Venafi VCP instance. If not set, the default + The URL to connect to the Certificate Manager, SaaS instance. If not set, the default value https://api.venafi.cloud is used. type: string type: object @@ -1367,8 +1368,8 @@ spec: type: string tokenValidUntil: description: |- - The ValidUntil time of the token used to authenticate with the Venafi - Control Plane server. + The ValidUntil time of the token used to authenticate with the + Certificate Manager, SaaS. format: date-time type: string type: diff --git a/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-crd.without-validations.yaml b/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-crd.without-validations.yaml index 7750112e..b04312ef 100644 
--- a/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-crd.without-validations.yaml +++ b/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-crd.without-validations.yaml @@ -261,7 +261,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. @@ -273,12 +273,12 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: - description: TenantID is the tenant ID used to authenticate with VCP. + description: TenantID is the tenant ID used to authenticate with Certificate Manager, SaaS. type: string type: object type: object @@ -286,7 +286,7 @@ spec: type: array x-kubernetes-list-type: atomic url: - description: The URL to connect to the Venafi Firefly instance. + description: The URL to connect to the Workload Identity Manager instance. type: string required: - url @@ -451,7 +451,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. 
@@ -463,12 +463,12 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: - description: TenantID is the tenant ID used to authenticate with VCP. + description: TenantID is the tenant ID used to authenticate with Certificate Manager, SaaS. type: string type: object type: object @@ -477,7 +477,7 @@ spec: x-kubernetes-list-type: atomic url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by venafi-connection-lib. @@ -491,7 +491,7 @@ spec: accessToken: description: |- The list of steps to retrieve the Access Token that will be used to connect - to VCP. + to Certificate Manager, SaaS. items: properties: hashicorpVaultLDAP: @@ -648,7 +648,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. 
@@ -660,12 +660,12 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: - description: TenantID is the tenant ID used to authenticate with VCP. + description: TenantID is the tenant ID used to authenticate with Certificate Manager, SaaS. type: string type: object type: object @@ -675,7 +675,7 @@ spec: apiKey: description: |- The list of steps to retrieve the API key that will be used to connect to - VCP. + Certificate Manager, SaaS. items: properties: hashicorpVaultLDAP: @@ -832,7 +832,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. @@ -844,12 +844,12 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: - description: TenantID is the tenant ID used to authenticate with VCP. + description: TenantID is the tenant ID used to authenticate with Certificate Manager, SaaS. type: string type: object type: object 
@@ -858,7 +858,7 @@ spec: x-kubernetes-list-type: atomic url: description: |- - The URL to connect to the Venafi VCP instance. If not set, the default + The URL to connect to the Certificate Manager, SaaS instance. If not set, the default value https://api.venafi.cloud is used. type: string type: object @@ -867,7 +867,7 @@ spec: accessToken: description: |- The list of steps to retrieve the Access Token that will be used to connect - to VCP. + to Certificate Manager, SaaS. items: properties: hashicorpVaultLDAP: @@ -1024,7 +1024,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. @@ -1036,12 +1036,12 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: - description: TenantID is the tenant ID used to authenticate with VCP. + description: TenantID is the tenant ID used to authenticate with Certificate Manager, SaaS. type: string type: object type: object @@ -1051,7 +1051,7 @@ spec: apiKey: description: |- The list of steps to retrieve the API key that will be used to connect to - VCP. + Certificate Manager, SaaS. items: properties: hashicorpVaultLDAP: 
@@ -1208,7 +1208,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. @@ -1220,12 +1220,12 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: - description: TenantID is the tenant ID used to authenticate with VCP. + description: TenantID is the tenant ID used to authenticate with Certificate Manager, SaaS. type: string type: object type: object @@ -1234,7 +1234,7 @@ spec: x-kubernetes-list-type: atomic url: description: |- - The URL to connect to the Venafi VCP instance. If not set, the default + The URL to connect to the Certificate Manager, SaaS instance. If not set, the default value https://api.venafi.cloud is used. type: string type: object @@ -1280,8 +1280,8 @@ spec: type: string tokenValidUntil: description: |- - The ValidUntil time of the token used to authenticate with the Venafi - Control Plane server. + The ValidUntil time of the token used to authenticate with the + Certificate Manager, SaaS. format: date-time type: string type: diff --git a/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-crd.yaml b/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-crd.yaml index 9cf8eefe..74647373 100644 --- a/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-crd.yaml +++ b/deploy/charts/venafi-kubernetes-agent/templates/venafi-connection-crd.yaml 
@@ -261,7 +261,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. @@ -273,12 +273,12 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: - description: TenantID is the tenant ID used to authenticate with VCP. + description: TenantID is the tenant ID used to authenticate with Certificate Manager, SaaS. type: string type: object type: object @@ -289,7 +289,7 @@ spec: type: array x-kubernetes-list-type: atomic url: - description: The URL to connect to the Venafi Firefly instance. + description: The URL to connect to the Workload Identity Manager instance. type: string required: - url @@ -454,7 +454,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. 
@@ -466,12 +466,12 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: - description: TenantID is the tenant ID used to authenticate with VCP. + description: TenantID is the tenant ID used to authenticate with Certificate Manager, SaaS. type: string type: object type: object @@ -483,7 +483,7 @@ spec: x-kubernetes-list-type: atomic url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by venafi-connection-lib. @@ -497,7 +497,7 @@ spec: accessToken: description: |- The list of steps to retrieve the Access Token that will be used to connect - to VCP. + to Certificate Manager, SaaS. items: properties: hashicorpVaultLDAP: @@ -654,7 +654,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. 
@@ -666,12 +666,12 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: - description: TenantID is the tenant ID used to authenticate with VCP. + description: TenantID is the tenant ID used to authenticate with Certificate Manager, SaaS. type: string type: object type: object @@ -684,7 +684,7 @@ spec: apiKey: description: |- The list of steps to retrieve the API key that will be used to connect to - VCP. + Certificate Manager, SaaS. items: properties: hashicorpVaultLDAP: @@ -841,7 +841,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. @@ -853,12 +853,12 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: - description: TenantID is the tenant ID used to authenticate with VCP. + description: TenantID is the tenant ID used to authenticate with Certificate Manager, SaaS. type: string type: object type: object 
@@ -870,7 +870,7 @@ spec: x-kubernetes-list-type: atomic url: description: |- - The URL to connect to the Venafi VCP instance. If not set, the default + The URL to connect to the Certificate Manager, SaaS instance. If not set, the default value https://api.venafi.cloud is used. type: string type: object @@ -882,7 +882,7 @@ spec: accessToken: description: |- The list of steps to retrieve the Access Token that will be used to connect - to VCP. + to Certificate Manager, SaaS. items: properties: hashicorpVaultLDAP: @@ -1039,7 +1039,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. @@ -1051,12 +1051,12 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: - description: TenantID is the tenant ID used to authenticate with VCP. + description: TenantID is the tenant ID used to authenticate with Certificate Manager, SaaS. type: string type: object type: object @@ -1069,7 +1069,7 @@ spec: apiKey: description: |- The list of steps to retrieve the API key that will be used to connect to - VCP. + Certificate Manager, SaaS. items: properties: hashicorpVaultLDAP: 
@@ -1226,7 +1226,7 @@ spec: type: string url: description: |- - The URL to connect to the Venafi TPP instance. The two URLs + The URL to connect to the Certificate Manager, Self-Hosted instance. The two URLs https://tpp.example.com and https://tpp.example.com/vedsdk are equivalent. The ending `/vedsdk` is optional and is stripped out by our client. @@ -1238,12 +1238,12 @@ spec: type: object vcpOAuth: description: |- - VCPOAuth is a SecretSource step that authenticates to the Venafi Control - Plane. This step is meant to be the last step and requires a prior step + VCPOAuth is a SecretSource step that authenticates to the + Certificate Manager, SaaS. This step is meant to be the last step and requires a prior step that outputs a JWT token. properties: tenantID: - description: TenantID is the tenant ID used to authenticate with VCP. + description: TenantID is the tenant ID used to authenticate with Certificate Manager, SaaS. type: string type: object type: object @@ -1255,7 +1255,7 @@ spec: x-kubernetes-list-type: atomic url: description: |- - The URL to connect to the Venafi VCP instance. If not set, the default + The URL to connect to the Certificate Manager, SaaS instance. If not set, the default value https://api.venafi.cloud is used. type: string type: object @@ -1307,8 +1307,8 @@ spec: type: string tokenValidUntil: description: |- - The ValidUntil time of the token used to authenticate with the Venafi - Control Plane server. + The ValidUntil time of the token used to authenticate with the + Certificate Manager, SaaS. format: date-time type: string type: diff --git a/go.mod b/go.mod index 9fc73e99..2eabd2f0 100644 --- a/go.mod +++ b/go.mod 
@@ -9,7 +9,7 @@ require ( github.com/fatih/color v1.18.0 github.com/google/uuid v1.6.0 github.com/hashicorp/go-multierror v1.1.1 - github.com/jetstack/venafi-connection-lib v0.5.0 + github.com/jetstack/venafi-connection-lib v0.5.1 github.com/microcosm-cc/bluemonday v1.0.27 github.com/pmylund/go-cache v2.1.0+incompatible github.com/prometheus/client_golang v1.23.2 @@ -39,6 +39,7 @@ require ( github.com/go-logr/zapr v1.3.0 // indirect github.com/go418/concurrentcache v0.6.0 // indirect github.com/go418/concurrentcache/logger v0.0.0-20250207095056-c0b7f8cc8bc2 // indirect + github.com/golang-jwt/jwt/v5 v5.3.0 // indirect github.com/google/btree v1.1.3 // indirect github.com/google/cel-go v0.26.0 // indirect github.com/google/gnostic-models v0.7.0 // indirect @@ -106,6 +107,6 @@ require ( gopkg.in/yaml.v3 v3.0.1 k8s.io/klog/v2 v2.130.1 k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b // indirect - k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 // indirect + k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 // indirect sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect ) diff --git a/go.sum b/go.sum index 1bc1b4fd..13f8945b 100644 --- a/go.sum +++ b/go.sum 
@@ -103,8 +103,8 @@ github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+l github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= -github.com/jetstack/venafi-connection-lib v0.5.0 h1:chxpeqJ0z35NYW9NOiNx+Q3hRkTwIcWgDN6W53kqSLw= -github.com/jetstack/venafi-connection-lib v0.5.0/go.mod h1:18NQcpxoYFbV7omOXyeg5pZIEYi9giVYVE9L+E58Ufw= +github.com/jetstack/venafi-connection-lib v0.5.1 h1:mS6sSSnLQDpSMZZ4tlju5D4q15eFnrs9StuGR4vDUtY= +github.com/jetstack/venafi-connection-lib v0.5.1/go.mod h1:Ph7uZeaeYldFIFC4vUcUQ3LSTVOLXvwgw5h1/6r1VMA= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= 
@@ -313,8 +313,8 @@ k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b h1:MloQ9/bdJyIu9lb1PzujOPolHyvO06MXG5TUIj2mNAA= k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b/go.mod h1:UZ2yyWbFTpuhSbFhv24aGNOdoRdJZgsIObGBUaYVsts= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8tmbZBHi4zVsl1Y= -k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck= +k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.2 h1:jpcvIRr3GLoUoEKRkHKSmGjxb6lWwrBlJsXc+eUYQHM= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.2/go.mod h1:Ve9uj1L+deCXFrPOk1LpFXqTg7LCFzFso6PA48q/XZw= sigs.k8s.io/controller-runtime v0.22.3 h1:I7mfqz/a/WdmDCEnXmSPm8/b/yRTy6JsKKENTijTq8Y= diff --git a/hack/ark/test-e2e.sh b/hack/ark/test-e2e.sh index 40e147d7..ddad0899 100755 --- a/hack/ark/test-e2e.sh +++ b/hack/ark/test-e2e.sh @@ -71,6 +71,7 @@ helm upgrade agent "oci://${ARK_CHART}@${ARK_CHART_DIGEST}" \ --wait \ --create-namespace \ --namespace "$NAMESPACE" \ + --set-json extraArgs='["--log-level=6"]' \ --set pprof.enabled=true \ --set fullnameOverride=disco-agent \ --set "image.digest=${ARK_IMAGE_DIGEST}" \ diff --git a/internal/cyberark/client_test.go b/internal/cyberark/client_test.go index 6d0afb00..3c945fc8 100644 --- a/internal/cyberark/client_test.go +++ b/internal/cyberark/client_test.go @@ -7,7 +7,6 @@ import ( "github.com/jetstack/venafi-connection-lib/http_client" "github.com/stretchr/testify/require" - "k8s.io/client-go/transport" "k8s.io/klog/v2" "k8s.io/klog/v2/ktesting" 
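Review bot: In hack/ark/test-e2e.sh the added `--set-json extraArgs='["--log-level=6"]'` has no explanation. It sits inside a backslash-continued `helm upgrade` command that starts above the hunk, so a comment has to go before that command rather than next to the flag. The same commit removes the explicit `transport.NewDebuggingRoundTripper(httpClient.Transport, transport.DebugByContext)` wiring from the Go clients, so this flag is presumably what now turns on HTTP request logging for the e2e run. State that link, e.g. `# --log-level=6 enables the agent's HTTP request logging for diagnosing failed e2e runs; higher verbosity may add request headers to CI logs, so check before raising it.` Also, `--set-json extraArgs=...` sets the whole list, so any chart default for extraArgs would be replaced rather than extended; whether the chart default is empty is not visible here.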
@@ -61,7 +60,6 @@ func TestCyberArkClient_PutSnapshot_RealAPI(t *testing.T) { var rootCAs *x509.CertPool httpClient := http_client.NewDefaultClient(version.UserAgent(), rootCAs) - httpClient.Transport = transport.NewDebuggingRoundTripper(httpClient.Transport, transport.DebugByContext) cfg, err := cyberark.LoadClientConfigFromEnvironment() if err != nil { diff --git a/internal/cyberark/identity/cmd/testidentity/main.go b/internal/cyberark/identity/cmd/testidentity/main.go index e0028231..8729cfbe 100644 --- a/internal/cyberark/identity/cmd/testidentity/main.go +++ b/internal/cyberark/identity/cmd/testidentity/main.go @@ -9,7 +9,6 @@ import ( "os/signal" "github.com/jetstack/venafi-connection-lib/http_client" - "k8s.io/client-go/transport" "k8s.io/klog/v2" "github.com/jetstack/preflight/internal/cyberark/identity" @@ -50,7 +49,6 @@ func run(ctx context.Context) error { var rootCAs *x509.CertPool httpClient := http_client.NewDefaultClient(version.UserAgent(), rootCAs) - httpClient.Transport = transport.NewDebuggingRoundTripper(httpClient.Transport, transport.DebugByContext) sdClient := servicediscovery.New(httpClient) services, err := sdClient.DiscoverServices(ctx, subdomain) diff --git a/pkg/agent/config.go b/pkg/agent/config.go index 8cee63b0..624f80b5 100644 --- a/pkg/agent/config.go +++ b/pkg/agent/config.go @@ -15,7 +15,6 @@ import ( "github.com/spf13/cobra" "gopkg.in/yaml.v3" "k8s.io/client-go/rest" - "k8s.io/client-go/transport" "github.com/jetstack/preflight/api" "github.com/jetstack/preflight/pkg/client" @@ -815,7 +814,6 @@ func validateCredsAndCreateClient(log logr.Logger, flagCredentialsPath, flagClie rootCAs *x509.CertPool ) httpClient := http_client.NewDefaultClient(version.UserAgent(), rootCAs) - httpClient.Transport = transport.NewDebuggingRoundTripper(httpClient.Transport, transport.DebugByContext) outputClient, err = client.NewCyberArk(httpClient) if err != nil { errs = multierror.Append(errs, err) 
diff --git a/pkg/client/client_cyberark_test.go b/pkg/client/client_cyberark_test.go index 2294119c..f0df5c64 100644 --- a/pkg/client/client_cyberark_test.go +++ b/pkg/client/client_cyberark_test.go @@ -8,7 +8,6 @@ import ( "github.com/jetstack/venafi-connection-lib/http_client" "github.com/stretchr/testify/require" k8sversion "k8s.io/apimachinery/pkg/version" - "k8s.io/client-go/transport" "k8s.io/klog/v2" "k8s.io/klog/v2/ktesting" @@ -59,7 +58,6 @@ func TestCyberArkClient_PostDataReadingsWithOptions_RealAPI(t *testing.T) { var rootCAs *x509.CertPool httpClient := http_client.NewDefaultClient(version.UserAgent(), rootCAs) - httpClient.Transport = transport.NewDebuggingRoundTripper(httpClient.Transport, transport.DebugByContext) c, err := client.NewCyberArk(httpClient) if err != nil {