From b702f6be181ee6ff037ccee59f9ede0104c85824 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nick=20J=C3=BCttner?= Date: Fri, 6 Sep 2024 08:06:37 +0200 Subject: [PATCH 1/7] toggle audit --- CHANGELOG.md | 4 ++++ helm/cluster/README.md | 2 ++ .../files/etc/audit/rules.d/99-default.rules | 2 ++ .../templates/clusterapi/_helpers_flatcar.tpl | 2 ++ helm/cluster/tests/go.sum | 1 + helm/cluster/values.schema.json | 14 ++++++++++++++ helm/cluster/values.yaml | 2 ++ 7 files changed, 27 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 49eecde2..a83291fb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +### Added + +- Allow to enable `audit-rules` service through `global.components.audit.enabled`. + ## [1.2.2] - 2024-09-05 ### Fixed diff --git a/helm/cluster/README.md b/helm/cluster/README.md index 4f448c31..94c7c9b2 100644 --- a/helm/cluster/README.md +++ b/helm/cluster/README.md @@ -205,6 +205,8 @@ Advanced configuration of components that are running on all nodes. | **Property** | **Description** | **More Details** | | :----------- | :-------------- | :--------------- | +| `global.components.audit` | **Audit** - Enable Audit rules service.|**Type:** `object`
| +| `global.components.audit.enabled` | **Enabled** - Whether or not the Audit rules service shall be enabled. When true, the Audit rules service is enabled. When false, the Audit rules service is disabled.|**Type:** `boolean`
**Default:** `false`| | `global.components.containerd` | **Containerd** - Configuration of containerd.|**Type:** `object`
| | `global.components.containerd.containerRegistries` | **Container registries** - Endpoints and credentials configuration for container registries.|**Type:** `object`
**Default:** `{"docker.io":[{"endpoint":"registry-1.docker.io"},{"endpoint":"giantswarm.azurecr.io"}],"gsoci.azurecr.io":[{"endpoint":"gsoci.azurecr.io"}]}`| | `global.components.containerd.containerRegistries.*` | **Registries** - Container registries and mirrors|**Type:** `array`
| diff --git a/helm/cluster/files/etc/audit/rules.d/99-default.rules b/helm/cluster/files/etc/audit/rules.d/99-default.rules index adc07b33..2f30d8f4 100644 --- a/helm/cluster/files/etc/audit/rules.d/99-default.rules +++ b/helm/cluster/files/etc/audit/rules.d/99-default.rules @@ -1,3 +1,5 @@ +{{- if ($.Values.global.components.audit).enabled -}} # Overridden by Giant Swarm. -a exit,always -F arch=b64 -S execve -k auditing -a exit,always -F arch=b32 -S execve -k auditing +{{- end }} diff --git a/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl b/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl index c8cd5690..251512fd 100644 --- a/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl +++ b/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl @@ -181,6 +181,7 @@ CPUAccounting=true MemoryAccounting=true Slice=kubereserved.slice +{{- if $.Values.global.components.audit.enabled }} - name: audit-rules.service enabled: true dropins: @@ -190,6 +191,7 @@ ExecStartPre=/bin/bash -c "while [ ! -f /etc/audit/rules.d/containerd.rules ]; do echo 'Waiting for /etc/audit/rules.d/containerd.rules to be written' && sleep 1; done" Restart=on-failure {{- end }} +{{- end }} {{- define "cluster.internal.kubeadm.ignition.containerLinuxConfig.additionalConfig.systemd.units.teleport" }} {{- if $.Values.providerIntegration.teleport.enabled }} diff --git a/helm/cluster/tests/go.sum b/helm/cluster/tests/go.sum index c74ef8c3..9fef3a74 100644 --- a/helm/cluster/tests/go.sum +++ b/helm/cluster/tests/go.sum @@ -68,6 +68,7 @@ golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24= golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ= google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg= google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/helm/cluster/values.schema.json b/helm/cluster/values.schema.json index 018b0c34..b7d1f257 100644 --- a/helm/cluster/values.schema.json +++ b/helm/cluster/values.schema.json @@ -1172,6 +1172,20 @@ "description": "Advanced configuration of components that are running on all nodes.", "additionalProperties": false, "properties": { + "audit": { + "type": "object", + "title": "Audit", + "description": "Enable Audit rules service.", + "additionalProperties": false, + "properties": { + "enabled": { + "type": "boolean", + "title": "Enabled", + "description": "Whether or not the Audit rules service shall be enabled. When true, the Audit rules service is enabled. When false, the Audit rules service is disabled.", + "default": false + } + } + }, "containerd": { "type": "object", "title": "Containerd", diff --git a/helm/cluster/values.yaml b/helm/cluster/values.yaml index 0b1540cd..140c8caa 100644 --- a/helm/cluster/values.yaml +++ b/helm/cluster/values.yaml @@ -27,6 +27,8 @@ global: verticalPodAutoscaler: {} verticalPodAutoscalerCrd: {} components: + audit: + enabled: false containerd: containerRegistries: docker.io: From 76bb6f7cb039cda9d2e01afa9a38143944b2c795 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nick=20J=C3=BCttner?= Date: Fri, 6 Sep 2024 08:17:56 +0200 Subject: [PATCH 2/7] toggle audit --- CHANGELOG.md | 2 +- helm/cluster/README.md | 4 ++-- helm/cluster/files/etc/audit/rules.d/99-default.rules | 2 +- helm/cluster/templates/clusterapi/_helpers_flatcar.tpl | 2 +- helm/cluster/values.schema.json | 8 ++++---- helm/cluster/values.yaml | 2 +- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a83291fb..f95c8ea2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,7 +9,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Added -- Allow to enable `audit-rules` service through `global.components.audit.enabled`. +- Allow to enable `auditd` service through `global.components.auditd.enabled`. ## [1.2.2] - 2024-09-05 diff --git a/helm/cluster/README.md b/helm/cluster/README.md index 94c7c9b2..6558eb65 100644 --- a/helm/cluster/README.md +++ b/helm/cluster/README.md @@ -205,8 +205,8 @@ Advanced configuration of components that are running on all nodes. | **Property** | **Description** | **More Details** | | :----------- | :-------------- | :--------------- | -| `global.components.audit` | **Audit** - Enable Audit rules service.|**Type:** `object`
| -| `global.components.audit.enabled` | **Enabled** - Whether or not the Audit rules service shall be enabled. When true, the Audit rules service is enabled. When false, the Audit rules service is disabled.|**Type:** `boolean`
**Default:** `false`| +| `global.components.auditd` | **Auditd** - Enable Auditd rules service.|**Type:** `object`
| +| `global.components.auditd.enabled` | **Enabled** - Whether or not the Auditd rules service shall be enabled. When true, the Auditd rules service is enabled. When false, the Auditd rules service is disabled.|**Type:** `boolean`
**Default:** `false`| | `global.components.containerd` | **Containerd** - Configuration of containerd.|**Type:** `object`
| | `global.components.containerd.containerRegistries` | **Container registries** - Endpoints and credentials configuration for container registries.|**Type:** `object`
**Default:** `{"docker.io":[{"endpoint":"registry-1.docker.io"},{"endpoint":"giantswarm.azurecr.io"}],"gsoci.azurecr.io":[{"endpoint":"gsoci.azurecr.io"}]}`| | `global.components.containerd.containerRegistries.*` | **Registries** - Container registries and mirrors|**Type:** `array`
| diff --git a/helm/cluster/files/etc/audit/rules.d/99-default.rules b/helm/cluster/files/etc/audit/rules.d/99-default.rules index 2f30d8f4..19109a06 100644 --- a/helm/cluster/files/etc/audit/rules.d/99-default.rules +++ b/helm/cluster/files/etc/audit/rules.d/99-default.rules @@ -1,4 +1,4 @@ -{{- if ($.Values.global.components.audit).enabled -}} +{{- if ($.Values.global.components.auditd).enabled -}} # Overridden by Giant Swarm. -a exit,always -F arch=b64 -S execve -k auditing -a exit,always -F arch=b32 -S execve -k auditing diff --git a/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl b/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl index 251512fd..1ab3be6a 100644 --- a/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl +++ b/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl @@ -181,7 +181,7 @@ CPUAccounting=true MemoryAccounting=true Slice=kubereserved.slice -{{- if $.Values.global.components.audit.enabled }} +{{- if $.Values.global.components.auditd.enabled }} - name: audit-rules.service enabled: true dropins: diff --git a/helm/cluster/values.schema.json b/helm/cluster/values.schema.json index b7d1f257..d9e054f9 100644 --- a/helm/cluster/values.schema.json +++ b/helm/cluster/values.schema.json @@ -1172,16 +1172,16 @@ "description": "Advanced configuration of components that are running on all nodes.", "additionalProperties": false, "properties": { - "audit": { + "auditd": { "type": "object", - "title": "Audit", - "description": "Enable Audit rules service.", + "title": "Auditd", + "description": "Enable Auditd rules service.", "additionalProperties": false, "properties": { "enabled": { "type": "boolean", "title": "Enabled", - "description": "Whether or not the Audit rules service shall be enabled. When true, the Audit rules service is enabled. When false, the Audit rules service is disabled.", + "description": "Whether or not the Auditd rules service shall be enabled. When true, the Auditd rules service is enabled. When false, the Auditd rules service is disabled.", "default": false } } diff --git a/helm/cluster/values.yaml b/helm/cluster/values.yaml index 140c8caa..8a8cc6d9 100644 --- a/helm/cluster/values.yaml +++ b/helm/cluster/values.yaml @@ -27,7 +27,7 @@ global: verticalPodAutoscaler: {} verticalPodAutoscalerCrd: {} components: - audit: + auditd: enabled: false containerd: containerRegistries: From 3048766bd1a82cf66f7ed0e2eee9ed6f3df951b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nick=20J=C3=BCttner?= Date: Fri, 6 Sep 2024 09:32:26 +0200 Subject: [PATCH 3/7] toggle audit --- helm/cluster/files/etc/audit/rules.d/99-default.rules | 2 -- helm/cluster/templates/clusterapi/_helpers_files.tpl | 2 ++ 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/helm/cluster/files/etc/audit/rules.d/99-default.rules b/helm/cluster/files/etc/audit/rules.d/99-default.rules index 19109a06..adc07b33 100644 --- a/helm/cluster/files/etc/audit/rules.d/99-default.rules +++ b/helm/cluster/files/etc/audit/rules.d/99-default.rules @@ -1,5 +1,3 @@ -{{- if ($.Values.global.components.auditd).enabled -}} # Overridden by Giant Swarm. -a exit,always -F arch=b64 -S execve -k auditing -a exit,always -F arch=b32 -S execve -k auditing -{{- end }} diff --git a/helm/cluster/templates/clusterapi/_helpers_files.tpl b/helm/cluster/templates/clusterapi/_helpers_files.tpl index fbc8bb1b..60aa3da0 100644 --- a/helm/cluster/templates/clusterapi/_helpers_files.tpl +++ b/helm/cluster/templates/clusterapi/_helpers_files.tpl @@ -121,11 +121,13 @@ and is used to join the node to the teleport cluster. {{/* Audit rules for all nodes */}} {{- define "cluster.internal.kubeadm.files.auditrules" }} +{{- if $.Values.global.components.auditd.enabled -}} - path: /etc/audit/rules.d/99-default.rules permissions: "0640" encoding: base64 content: {{ $.Files.Get "files/etc/audit/rules.d/99-default.rules" | b64enc }} {{- end }} +{{- end }} {{/* Provider-specific files for all nodes */}} {{- define "cluster.internal.kubeadm.files.provider" }} From ef52d476c3c1b484a05857042c7c5b931de18773 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nick=20J=C3=BCttner?= Date: Fri, 6 Sep 2024 09:54:55 +0200 Subject: [PATCH 4/7] toggle audit --- helm/cluster/templates/clusterapi/_helpers_flatcar.tpl | 3 +++ 1 file changed, 3 insertions(+) diff --git a/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl b/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl index 1ab3be6a..d55f2152 100644 --- a/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl +++ b/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl @@ -190,6 +190,9 @@ [Service] ExecStartPre=/bin/bash -c "while [ ! -f /etc/audit/rules.d/containerd.rules ]; do echo 'Waiting for /etc/audit/rules.d/containerd.rules to be written' && sleep 1; done" Restart=on-failure +{{ else }} +- name: auditd.service + enabled: false {{- end }} {{- end }} From 530fe5e171c98406fbaea566f24839d10eba63aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nick=20J=C3=BCttner?= Date: Fri, 6 Sep 2024 11:10:17 +0200 Subject: [PATCH 5/7] toggle audit --- helm/cluster/templates/clusterapi/_helpers_files.tpl | 2 +- helm/cluster/templates/clusterapi/_helpers_flatcar.tpl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/helm/cluster/templates/clusterapi/_helpers_files.tpl b/helm/cluster/templates/clusterapi/_helpers_files.tpl index 60aa3da0..75fb84f2 100644 --- a/helm/cluster/templates/clusterapi/_helpers_files.tpl +++ b/helm/cluster/templates/clusterapi/_helpers_files.tpl @@ -121,7 +121,7 @@ and is used to join the node to the teleport cluster. {{/* Audit rules for all nodes */}} {{- define "cluster.internal.kubeadm.files.auditrules" }} -{{- if $.Values.global.components.auditd.enabled -}} +{{- if $.Values.global.components.auditd.enabled }} - path: /etc/audit/rules.d/99-default.rules permissions: "0640" encoding: base64 diff --git a/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl b/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl index d55f2152..1666582d 100644 --- a/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl +++ b/helm/cluster/templates/clusterapi/_helpers_flatcar.tpl @@ -190,7 +190,7 @@ [Service] ExecStartPre=/bin/bash -c "while [ ! -f /etc/audit/rules.d/containerd.rules ]; do echo 'Waiting for /etc/audit/rules.d/containerd.rules to be written' && sleep 1; done" Restart=on-failure -{{ else }} +{{- else }} - name: auditd.service enabled: false {{- end }} From befb775f445a25285eb7fb86c3bdc59991a125c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nick=20J=C3=BCttner?= Date: Fri, 6 Sep 2024 11:50:04 +0200 Subject: [PATCH 6/7] toggle audit --- helm/cluster/README.md | 4 ++-- helm/cluster/values.schema.json | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/helm/cluster/README.md b/helm/cluster/README.md index 6558eb65..65ecb7bc 100644 --- a/helm/cluster/README.md +++ b/helm/cluster/README.md @@ -205,8 +205,8 @@ Advanced configuration of components that are running on all nodes. | **Property** | **Description** | **More Details** | | :----------- | :-------------- | :--------------- | -| `global.components.auditd` | **Auditd** - Enable Auditd rules service.|**Type:** `object`
| -| `global.components.auditd.enabled` | **Enabled** - Whether or not the Auditd rules service shall be enabled. When true, the Auditd rules service is enabled. When false, the Auditd rules service is disabled.|**Type:** `boolean`
**Default:** `false`| +| `global.components.auditd` | **Auditd** - Enable Auditd service.|**Type:** `object`
| +| `global.components.auditd.enabled` | **Enabled** - Whether or not the Auditd service shall be enabled. When true, the Auditd service is enabled. When false, the Auditd service is disabled.|**Type:** `boolean`
**Default:** `false`| | `global.components.containerd` | **Containerd** - Configuration of containerd.|**Type:** `object`
| | `global.components.containerd.containerRegistries` | **Container registries** - Endpoints and credentials configuration for container registries.|**Type:** `object`
**Default:** `{"docker.io":[{"endpoint":"registry-1.docker.io"},{"endpoint":"giantswarm.azurecr.io"}],"gsoci.azurecr.io":[{"endpoint":"gsoci.azurecr.io"}]}`| | `global.components.containerd.containerRegistries.*` | **Registries** - Container registries and mirrors|**Type:** `array`
| diff --git a/helm/cluster/values.schema.json b/helm/cluster/values.schema.json index d9e054f9..fce37196 100644 --- a/helm/cluster/values.schema.json +++ b/helm/cluster/values.schema.json @@ -1175,13 +1175,13 @@ "auditd": { "type": "object", "title": "Auditd", - "description": "Enable Auditd rules service.", + "description": "Enable Auditd service.", "additionalProperties": false, "properties": { "enabled": { "type": "boolean", "title": "Enabled", - "description": "Whether or not the Auditd rules service shall be enabled. When true, the Auditd rules service is enabled. When false, the Auditd rules service is disabled.", + "description": "Whether or not the Auditd service shall be enabled. When true, the Auditd service is enabled. When false, the Auditd service is disabled.", "default": false } } From 260fb1784ce0a0dff079653580dd0d9b1c45bb94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nick=20J=C3=BCttner?= Date: Fri, 6 Sep 2024 11:51:30 +0200 Subject: [PATCH 7/7] tidy --- helm/cluster/tests/go.mod | 2 -- helm/cluster/tests/go.sum | 44 --------------------------------------- 2 files changed, 46 deletions(-) diff --git a/helm/cluster/tests/go.mod b/helm/cluster/tests/go.mod index ee7a983c..83f99efc 100644 --- a/helm/cluster/tests/go.mod +++ b/helm/cluster/tests/go.mod @@ -12,11 +12,9 @@ require ( github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5 // indirect - golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect golang.org/x/net v0.28.0 // indirect golang.org/x/sys v0.24.0 // indirect golang.org/x/text v0.17.0 // indirect golang.org/x/tools v0.24.0 // indirect - google.golang.org/protobuf v1.34.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/helm/cluster/tests/go.sum b/helm/cluster/tests/go.sum index 9fef3a74..7bbbf62e 100644 --- a/helm/cluster/tests/go.sum +++ b/helm/cluster/tests/go.sum @@ -1,73 +1,29 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= -github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 h1:k7nVchz72niMH6YLQNvHSdIE7iqsQxK1P41mySCvssg= -github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw= -github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8 h1:FKHo8hFI3A+7w0aUQuYXQ+6EN5stWmeY/AZqtM8xk9k= -github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8/go.mod h1:K1liHPHnj73Fdn/EKuT8nrFqBihUSKXoLYU0BuatOYo= github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5 h1:5iH8iuqE5apketRbSFBy+X1V0o+l+8NF1avt4HWl7cA= github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= -github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA= -github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= -github.com/onsi/ginkgo/v2 v2.19.1 h1:QXgq3Z8Crl5EL1WBAC98A5sEBHARrAJNzAmMxzLcRF0= -github.com/onsi/ginkgo/v2 v2.19.1/go.mod h1:O3DtEWQkPa/F7fBMgmZQKKsluAy8pd3rEQdrjkPb9zA= -github.com/onsi/ginkgo/v2 v2.20.0 h1:PE84V2mHqoT1sglvHc8ZdQtPcwmvvt29WLEEO3xmdZw= -github.com/onsi/ginkgo/v2 v2.20.0/go.mod h1:lG9ey2Z29hR41WMVthyJBGUBcBhGOtoPF2VFMvBXFCI= -github.com/onsi/ginkgo/v2 v2.20.1 h1:YlVIbqct+ZmnEph770q9Q7NVAz4wwIiVNahee6JyUzo= -github.com/onsi/ginkgo/v2 v2.20.1/go.mod h1:lG9ey2Z29hR41WMVthyJBGUBcBhGOtoPF2VFMvBXFCI= github.com/onsi/ginkgo/v2 v2.20.2 h1:7NVCeyIWROIAheY21RLS+3j2bb52W0W82tkberYytp4= github.com/onsi/ginkgo/v2 v2.20.2/go.mod h1:K9gyxPIlb+aIvnZ8bd9Ak+YP18w3APlR+5coaZoE2ag= -github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= -github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= -github.com/onsi/gomega v1.34.0 h1:eSSPsPNp6ZpsG8X1OVmOTxig+CblTc4AxpPBykhe2Os= -github.com/onsi/gomega v1.34.0/go.mod h1:MIKI8c+f+QLWk+hxbePD4i0LMJSExPaZOVfkoex4cAo= -github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k= -github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY= github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8= github.com/onsi/gomega v1.34.2/go.mod h1:v1xfxRgk0KIsG+QOdm7p8UosrOzPYRo60fd3B/1Dukc= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8= -golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY= -golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= -golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= -golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys= -golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE= golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE= golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= -golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y= -golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws= -golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= -golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.23.0 h1:YfKFowiIMvtgl1UERQoTPPToxltDeZfbj4H7dVUCwmM= -golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg= golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk= -golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= -golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc= golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= -golang.org/x/tools v0.21.0 h1:qc0xYgIbsSDt9EyWz05J5wfa7LOVW0YTLOXrqdLAWIw= -golang.org/x/tools v0.21.0/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= -golang.org/x/tools v0.23.0 h1:SGsXPZ+2l4JsgaCKkx+FQ9YZ5XEtA1GZYuoDjenLjvg= -golang.org/x/tools v0.23.0/go.mod h1:pnu6ufv6vQkll6szChhK3C3L/ruaIv5eBeztNG8wtsI= golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24= golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg= google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=