Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
K
k3s
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Jacklull
k3s
Commits
69949dda
Commit
69949dda
authored
Oct 30, 2019
by
Darren Shepherd
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update vendor
parent
609c5e5f
Hide whitespace changes
Inline
Side-by-side
Showing
20 changed files
with
980 additions
and
867 deletions
+980
-867
go.mod
go.mod
+1
-1
go.sum
go.sum
+3
-7
README.md
...hub.com/konsorten/go-windows-terminal-sequences/README.md
+0
-1
sequences_dummy.go
...onsorten/go-windows-terminal-sequences/sequences_dummy.go
+0
-11
ca.go
vendor/github.com/rancher/dynamiclistener/factory/ca.go
+80
-0
cert_utils.go
.../github.com/rancher/dynamiclistener/factory/cert_utils.go
+105
-0
gen.go
vendor/github.com/rancher/dynamiclistener/factory/gen.go
+164
-0
go.mod
vendor/github.com/rancher/dynamiclistener/go.mod
+4
-11
go.sum
vendor/github.com/rancher/dynamiclistener/go.sum
+107
-22
listener.go
vendor/github.com/rancher/dynamiclistener/listener.go
+198
-0
read.go
vendor/github.com/rancher/dynamiclistener/read.go
+0
-50
redirect.go
vendor/github.com/rancher/dynamiclistener/redirect.go
+46
-0
server.go
vendor/github.com/rancher/dynamiclistener/server.go
+0
-556
file.go
...r/github.com/rancher/dynamiclistener/storage/file/file.go
+42
-0
controller.go
.../rancher/dynamiclistener/storage/kubernetes/controller.go
+109
-0
memory.go
...thub.com/rancher/dynamiclistener/storage/memory/memory.go
+42
-0
tcp.go
vendor/github.com/rancher/dynamiclistener/tcp.go
+38
-0
types.go
vendor/github.com/rancher/dynamiclistener/types.go
+0
-63
client.go
vendor/github.com/rancher/kine/pkg/client/client.go
+0
-107
modules.txt
vendor/modules.txt
+41
-38
No files found.
go.mod
View file @
69949dda
...
...
@@ -96,7 +96,7 @@ require (
github.com/opencontainers/runc v1.0.0-rc2.0.20190611121236-6cc515888830
github.com/pkg/errors v0.8.1
github.com/rakelkar/gonetsh v0.0.0-20190719023240-501daadcadf8 // indirect
github.com/rancher/dynamiclistener v0.1.1-0.201910
10011134-8a2488bc860a
github.com/rancher/dynamiclistener v0.1.1-0.201910
31022009-6224794ef3cb
github.com/rancher/helm-controller v0.2.2
github.com/rancher/kine v0.0.0-00010101000000-000000000000
github.com/rancher/remotedialer v0.2.0
...
...
go.sum
View file @
69949dda
...
...
@@ -418,9 +418,8 @@ github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgo
github.com/knative/build v0.6.0/go.mod h1:/sU74ZQkwlYA5FwYDJhYTy61i/Kn+5eWfln2jDbw3Qo=
github.com/knative/pkg v0.0.0-20190514205332-5e4512dcb2ca/go.mod h1:7Ijfhw7rfB+H9VtosIsDYvZQ+qYTz7auK3fHW/5z4ww=
github.com/knative/serving v0.6.1/go.mod h1:ljvMfwQy2qanaM/8xnBSK4Mz3Vv2NawC2fo5kFRJS1A=
github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk=
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/konsorten/go-windows-terminal-sequences v1.0.2 h1:DB17ag19krx9CFsz4o3enTrPXyIXCl+2iCXH/aMAp9s=
github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
...
...
@@ -563,8 +562,8 @@ github.com/rancher/containerd v1.3.0-k3s.4 h1:Vq9EJQEm01eeWaBtgU35KxWeuVU5LwW43E
github.com/rancher/containerd v1.3.0-k3s.4/go.mod h1:ZMfzmqce2Z+QSEqdHMfeJs1TZ/UeJ1aDrazjpQT4ehM=
github.com/rancher/cri-tools v1.16.1-k3s.1 h1:iporgQ46noE6dtLzq6fWcIO2qjyPZy2m42d2P+UnGJg=
github.com/rancher/cri-tools v1.16.1-k3s.1/go.mod h1:TEKhKv2EJIZp+p9jnEy4C63g8CosJzsI4kyKKkHag+8=
github.com/rancher/dynamiclistener v0.1.1-0.201910
10011134-8a2488bc860a h1:1bUYAv5U/Ky4YJ9o8gWxX+vNcjpIL3JWNBao70OlkFE
=
github.com/rancher/dynamiclistener v0.1.1-0.201910
10011134-8a2488bc860a/go.mod h1:8hbGf35mB7ormKEFqsAgjgeI5rLbj5N764jG41dNhp
s=
github.com/rancher/dynamiclistener v0.1.1-0.201910
31022009-6224794ef3cb h1:bMoA9UHr1QNTWVrf0fSJCba6YDU1xmt2jmeohpiugKg
=
github.com/rancher/dynamiclistener v0.1.1-0.201910
31022009-6224794ef3cb/go.mod h1:fs/dxyNcB3YT6W9fVz4bDGfhmSQS17QQup6BIcGF++
s=
github.com/rancher/flannel v0.11.0-k3s.1 h1:mIwnfWDafjzQgFkZeJ1AkFrrAT3EdBaA1giE0eLJKo8=
github.com/rancher/flannel v0.11.0-k3s.1/go.mod h1:Hn4ZV+eq0LhLZP63xZnxdGwXEoRSxs5sxELxu27M3UA=
github.com/rancher/helm-controller v0.2.2 h1:MUqisy53/Ay1EYOF2uTCYBbGpgtZLNKKrI01BdxIbQo=
...
...
@@ -682,7 +681,6 @@ github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRci
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/stripe/safesql v0.2.0/go.mod h1:q7b2n0JmzM1mVGfcYpanfVb2j23cXZeWFxcILPn3JV4=
github.com/syndtr/gocapability v0.0.0-20160928074757-e7cb7fa329f4/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww=
github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8 h1:zLV6q4e8Jv9EHjNg/iHfzwDkCve6Ua5jCygptrtXHvI=
github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww=
...
...
@@ -741,7 +739,6 @@ golang.org/x/crypto v0.0.0-20190228161510-8dd112bcdc25/go.mod h1:djNgcEr1/C05ACk
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190313024323-a1f597ede03a/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190506204251-e1dfcc566284/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8 h1:1wopBVtVdWnn03fZelqdXTqk7U7zPQCb+T4rbU9ZEoU=
golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
...
...
@@ -808,7 +805,6 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190509141414-a5b02f93d862/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190730183949-1393eb018365/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3 h1:7TYNF4UdlohbFwpNH04CoPMp1cHUZgO1Ebq5r2hIjfo=
...
...
vendor/github.com/konsorten/go-windows-terminal-sequences/README.md
View file @
69949dda
...
...
@@ -26,7 +26,6 @@ The tool is sponsored by the [marvin + konsorten GmbH](http://www.konsorten.de).
We thank all the authors who provided code to this library:
*
Felix Kollmann
*
Nicolas Perraut
## License
...
...
vendor/github.com/konsorten/go-windows-terminal-sequences/sequences_dummy.go
deleted
100644 → 0
View file @
609c5e5f
// +build linux darwin
package
sequences
import
(
"fmt"
)
func
EnableVirtualTerminalProcessing
(
stream
uintptr
,
enable
bool
)
error
{
return
fmt
.
Errorf
(
"windows only package"
)
}
vendor/github.com/rancher/dynamiclistener/factory/ca.go
0 → 100644
View file @
69949dda
package
factory
import
(
"crypto/ecdsa"
"crypto/x509"
"io/ioutil"
"os"
)
func
GenCA
()
(
*
x509
.
Certificate
,
*
ecdsa
.
PrivateKey
,
error
)
{
caKey
,
err
:=
NewPrivateKey
()
if
err
!=
nil
{
return
nil
,
nil
,
err
}
caCert
,
err
:=
NewSelfSignedCACert
(
caKey
,
"dynamiclistener-ca"
,
"dynamiclistener-org"
)
if
err
!=
nil
{
return
nil
,
nil
,
err
}
return
caCert
,
caKey
,
nil
}
func
LoadOrGenCA
()
(
*
x509
.
Certificate
,
*
ecdsa
.
PrivateKey
,
error
)
{
cert
,
key
,
err
:=
loadCA
()
if
err
==
nil
{
return
cert
,
key
,
nil
}
cert
,
key
,
err
=
GenCA
()
if
err
!=
nil
{
return
nil
,
nil
,
err
}
certBytes
,
keyBytes
,
err
:=
Marshal
(
cert
,
key
)
if
err
!=
nil
{
return
nil
,
nil
,
err
}
if
err
:=
os
.
MkdirAll
(
"./certs"
,
0700
);
err
!=
nil
{
return
nil
,
nil
,
err
}
if
err
:=
ioutil
.
WriteFile
(
"./certs/ca.pem"
,
certBytes
,
0600
);
err
!=
nil
{
return
nil
,
nil
,
err
}
if
err
:=
ioutil
.
WriteFile
(
"./certs/ca.key"
,
keyBytes
,
0600
);
err
!=
nil
{
return
nil
,
nil
,
err
}
return
cert
,
key
,
nil
}
func
loadCA
()
(
*
x509
.
Certificate
,
*
ecdsa
.
PrivateKey
,
error
)
{
return
LoadCerts
(
"./certs/ca.pem"
,
"./certs/ca.key"
)
}
func
LoadCerts
(
certFile
,
keyFile
string
)
(
*
x509
.
Certificate
,
*
ecdsa
.
PrivateKey
,
error
)
{
caPem
,
err
:=
ioutil
.
ReadFile
(
certFile
)
if
err
!=
nil
{
return
nil
,
nil
,
err
}
caKey
,
err
:=
ioutil
.
ReadFile
(
keyFile
)
if
err
!=
nil
{
return
nil
,
nil
,
err
}
key
,
err
:=
ParseECPrivateKeyPEM
(
caKey
)
if
err
!=
nil
{
return
nil
,
nil
,
err
}
cert
,
err
:=
ParseCertPEM
(
caPem
)
if
err
!=
nil
{
return
nil
,
nil
,
err
}
return
cert
,
key
,
nil
}
vendor/github.com/rancher/dynamiclistener/factory/cert_utils.go
0 → 100644
View file @
69949dda
package
factory
import
(
"crypto"
"crypto/ecdsa"
"crypto/rand"
"crypto/x509"
"crypto/x509/pkix"
"encoding/pem"
"fmt"
"math"
"math/big"
"net"
"time"
)
const
(
ECPrivateKeyBlockType
=
"EC PRIVATE KEY"
CertificateBlockType
=
"CERTIFICATE"
)
func
NewSelfSignedCACert
(
key
crypto
.
Signer
,
cn
string
,
org
...
string
)
(
*
x509
.
Certificate
,
error
)
{
now
:=
time
.
Now
()
tmpl
:=
x509
.
Certificate
{
BasicConstraintsValid
:
true
,
IsCA
:
true
,
KeyUsage
:
x509
.
KeyUsageKeyEncipherment
|
x509
.
KeyUsageDigitalSignature
|
x509
.
KeyUsageCertSign
,
NotAfter
:
now
.
Add
(
time
.
Hour
*
24
*
365
*
10
)
.
UTC
(),
NotBefore
:
now
.
UTC
(),
SerialNumber
:
new
(
big
.
Int
)
.
SetInt64
(
0
),
Subject
:
pkix
.
Name
{
CommonName
:
cn
,
Organization
:
org
,
},
}
certDERBytes
,
err
:=
x509
.
CreateCertificate
(
rand
.
Reader
,
&
tmpl
,
&
tmpl
,
key
.
Public
(),
key
)
if
err
!=
nil
{
return
nil
,
err
}
return
x509
.
ParseCertificate
(
certDERBytes
)
}
func
NewSignedCert
(
signer
crypto
.
Signer
,
caCert
*
x509
.
Certificate
,
caKey
crypto
.
Signer
,
cn
string
,
orgs
[]
string
,
domains
[]
string
,
ips
[]
net
.
IP
)
(
*
x509
.
Certificate
,
error
)
{
serialNumber
,
err
:=
rand
.
Int
(
rand
.
Reader
,
new
(
big
.
Int
)
.
SetInt64
(
math
.
MaxInt64
))
if
err
!=
nil
{
return
nil
,
err
}
parent
:=
x509
.
Certificate
{
DNSNames
:
domains
,
ExtKeyUsage
:
[]
x509
.
ExtKeyUsage
{
x509
.
ExtKeyUsageServerAuth
},
IPAddresses
:
ips
,
KeyUsage
:
x509
.
KeyUsageKeyEncipherment
|
x509
.
KeyUsageDigitalSignature
,
NotAfter
:
time
.
Now
()
.
Add
(
time
.
Hour
*
24
*
365
)
.
UTC
(),
NotBefore
:
caCert
.
NotBefore
,
SerialNumber
:
serialNumber
,
Subject
:
pkix
.
Name
{
CommonName
:
cn
,
Organization
:
orgs
,
},
}
cert
,
err
:=
x509
.
CreateCertificate
(
rand
.
Reader
,
&
parent
,
caCert
,
signer
.
Public
(),
caKey
)
if
err
!=
nil
{
return
nil
,
err
}
return
x509
.
ParseCertificate
(
cert
)
}
func
ParseECPrivateKeyPEM
(
keyData
[]
byte
)
(
*
ecdsa
.
PrivateKey
,
error
)
{
var
privateKeyPemBlock
*
pem
.
Block
for
{
privateKeyPemBlock
,
keyData
=
pem
.
Decode
(
keyData
)
if
privateKeyPemBlock
==
nil
{
break
}
if
privateKeyPemBlock
.
Type
==
ECPrivateKeyBlockType
{
return
x509
.
ParseECPrivateKey
(
privateKeyPemBlock
.
Bytes
)
}
}
return
nil
,
fmt
.
Errorf
(
"pem does not include a valid EC private key"
)
}
func
ParseCertPEM
(
pemCerts
[]
byte
)
(
*
x509
.
Certificate
,
error
)
{
var
pemBlock
*
pem
.
Block
for
{
pemBlock
,
pemCerts
=
pem
.
Decode
(
pemCerts
)
if
pemBlock
==
nil
{
break
}
if
pemBlock
.
Type
==
CertificateBlockType
{
return
x509
.
ParseCertificate
(
pemBlock
.
Bytes
)
}
}
return
nil
,
fmt
.
Errorf
(
"pem does not include a valid x509 cert"
)
}
vendor/github.com/rancher/dynamiclistener/factory/gen.go
0 → 100644
View file @
69949dda
package
factory
import
(
"crypto"
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"crypto/sha256"
"crypto/x509"
"encoding/hex"
"encoding/pem"
"net"
"sort"
"strings"
v1
"k8s.io/api/core/v1"
)
const
(
cnPrefix
=
"listener.cattle.io/cn-"
static
=
"listener.cattle.io/static"
hashKey
=
"listener.cattle.io/hash"
)
type
TLS
struct
{
CACert
*
x509
.
Certificate
CAKey
crypto
.
Signer
CN
string
Organization
[]
string
}
func
collectCNs
(
secret
*
v1
.
Secret
)
(
domains
[]
string
,
ips
[]
net
.
IP
,
hash
string
,
err
error
)
{
var
(
cns
[]
string
digest
=
sha256
.
New
()
)
for
k
,
v
:=
range
secret
.
Annotations
{
if
strings
.
HasPrefix
(
k
,
cnPrefix
)
{
cns
=
append
(
cns
,
v
)
}
}
sort
.
Strings
(
cns
)
for
_
,
v
:=
range
cns
{
digest
.
Write
([]
byte
(
v
))
ip
:=
net
.
ParseIP
(
v
)
if
ip
==
nil
{
domains
=
append
(
domains
,
v
)
}
else
{
ips
=
append
(
ips
,
ip
)
}
}
hash
=
hex
.
EncodeToString
(
digest
.
Sum
(
nil
))
return
}
func
(
t
*
TLS
)
AddCN
(
secret
*
v1
.
Secret
,
cn
...
string
)
(
*
v1
.
Secret
,
bool
,
error
)
{
var
(
err
error
)
if
!
NeedsUpdate
(
secret
,
cn
...
)
{
return
secret
,
false
,
nil
}
secret
=
populateCN
(
secret
,
cn
...
)
privateKey
,
err
:=
getPrivateKey
(
secret
)
if
err
!=
nil
{
return
nil
,
false
,
err
}
domains
,
ips
,
hash
,
err
:=
collectCNs
(
secret
)
if
err
!=
nil
{
return
nil
,
false
,
err
}
newCert
,
err
:=
t
.
newCert
(
domains
,
ips
,
privateKey
)
if
err
!=
nil
{
return
nil
,
false
,
err
}
certBytes
,
keyBytes
,
err
:=
Marshal
(
newCert
,
privateKey
)
if
err
!=
nil
{
return
nil
,
false
,
err
}
if
secret
.
Data
==
nil
{
secret
.
Data
=
map
[
string
][]
byte
{}
}
secret
.
Data
[
v1
.
TLSCertKey
]
=
certBytes
secret
.
Data
[
v1
.
TLSPrivateKeyKey
]
=
keyBytes
secret
.
Annotations
[
hashKey
]
=
hash
return
secret
,
true
,
nil
}
func
(
t
*
TLS
)
newCert
(
domains
[]
string
,
ips
[]
net
.
IP
,
privateKey
*
ecdsa
.
PrivateKey
)
(
*
x509
.
Certificate
,
error
)
{
return
NewSignedCert
(
privateKey
,
t
.
CACert
,
t
.
CAKey
,
t
.
CN
,
t
.
Organization
,
domains
,
ips
)
}
func
populateCN
(
secret
*
v1
.
Secret
,
cn
...
string
)
*
v1
.
Secret
{
secret
=
secret
.
DeepCopy
()
if
secret
.
Annotations
==
nil
{
secret
.
Annotations
=
map
[
string
]
string
{}
}
for
_
,
cn
:=
range
cn
{
secret
.
Annotations
[
cnPrefix
+
cn
]
=
cn
}
return
secret
}
func
NeedsUpdate
(
secret
*
v1
.
Secret
,
cn
...
string
)
bool
{
if
secret
.
Annotations
[
static
]
==
"true"
{
return
false
}
for
_
,
cn
:=
range
cn
{
if
secret
.
Annotations
[
cnPrefix
+
cn
]
==
""
{
return
true
}
}
return
false
}
func
getPrivateKey
(
secret
*
v1
.
Secret
)
(
*
ecdsa
.
PrivateKey
,
error
)
{
keyBytes
:=
secret
.
Data
[
v1
.
TLSPrivateKeyKey
]
if
len
(
keyBytes
)
==
0
{
return
NewPrivateKey
()
}
privateKey
,
err
:=
ParseECPrivateKeyPEM
(
keyBytes
)
if
err
==
nil
{
return
privateKey
,
nil
}
return
NewPrivateKey
()
}
func
Marshal
(
x509Cert
*
x509
.
Certificate
,
privateKey
*
ecdsa
.
PrivateKey
)
([]
byte
,
[]
byte
,
error
)
{
certBlock
:=
pem
.
Block
{
Type
:
CertificateBlockType
,
Bytes
:
x509Cert
.
Raw
,
}
keyBytes
,
err
:=
x509
.
MarshalECPrivateKey
(
privateKey
)
if
err
!=
nil
{
return
nil
,
nil
,
err
}
keyBlock
:=
pem
.
Block
{
Type
:
ECPrivateKeyBlockType
,
Bytes
:
keyBytes
,
}
return
pem
.
EncodeToMemory
(
&
certBlock
),
pem
.
EncodeToMemory
(
&
keyBlock
),
nil
}
func
NewPrivateKey
()
(
*
ecdsa
.
PrivateKey
,
error
)
{
return
ecdsa
.
GenerateKey
(
elliptic
.
P256
(),
rand
.
Reader
)
}
vendor/github.com/rancher/dynamiclistener/go.mod
View file @
69949dda
...
...
@@ -3,16 +3,9 @@ module github.com/rancher/dynamiclistener
go 1.12
require (
github.com/hashicorp/golang-lru v0.5.1
github.com/kisielk/gotool v1.0.0 // indirect
github.com/konsorten/go-windows-terminal-sequences v1.0.2 // indirect
github.com/rancher/wrangler v0.1.4
github.com/rancher/wrangler-api v0.2.0
github.com/sirupsen/logrus v1.4.1
github.com/stretchr/testify v1.3.0 // indirect
github.com/stripe/safesql v0.2.0 // indirect
golang.org/x/crypto v0.0.0-20190506204251-e1dfcc566284
golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c // indirect
golang.org/x/sys v0.0.0-20190509141414-a5b02f93d862 // indirect
golang.org/x/text v0.3.2 // indirect
mvdan.cc/interfacer v0.0.0-20180901003855-c20040233aed // indirect
mvdan.cc/lint v0.0.0-20170908181259-adc824a0674b // indirect
k8s.io/api v0.0.0-20190409021203-6e4e0e4f393b
k8s.io/apimachinery v0.0.0-20190404173353-6a84e37a896d
)
vendor/github.com/rancher/dynamiclistener/go.sum
View file @
69949dda
cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs=
github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0=
github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg=
github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc=
github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I=
github.com/gogo/protobuf v1.2.1 h1:/s5zKNz0uPFCZ5hddgPdo2TK2TVrUNMn0OOX8/aZMTE=
github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef h1:veQD95Isof8w9/WXiA+pa3tz3fJXkt5B7QaRBrM62gk=
github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.3.1 h1:YF8+flBXS5eO826T4nzqPrxfhQThhXl0YzfuUPu4SBg=
github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
github.com/google/go-containerregistry v0.0.0-20190617215043-876b8855d23c/go.mod h1:yZAFP63pRshzrEYLXLGPmUt0Ay+2zdjmMN1loCnRLUk=
github.com/google/gofuzz v0.0.0-20161122191042-44d81051d367/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI=
github.com/google/gofuzz v1.0.0 h1:A8PeW59pxE9IoFRqBp37U+mSNaQoZ46F1f0f863XSXw=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/googleapis/gnostic v0.0.0-20170426233943-68f4ded48ba9/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
github.com/googleapis/gnostic v0.2.0 h1:l6N3VoaVzTncYYW+9yOz2LJJammFZGBO13sqgEhpy9g=
github.com/googleapis/gnostic v0.2.0/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
github.com/hashicorp/golang-lru v0.5.1 h1:0hERBMJE1eitiLkihrMvRVBYAkpHzc/J3QdDN+dAcgU=
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/imdario/mergo v0.3.7/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
github.com/jetstack/cert-manager v0.7.2/go.mod h1:nbddmhjWxYGt04bxvwVGUSeLhZ2PCyNvd7MpXdq+yWY=
github.com/json-iterator/go v0.0.0-20180612202835-f2b4162afba3/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
github.com/json-iterator/go v1.1.6 h1:MrUvLMLTMxbqFJ9kzlvat/rYZqZnW3u4wkLzWTaFwKs=
github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
github.com/kisielk/gotool v1.0.0 h1:AV2c/EiW3KqPNT9ZKl07ehoAGi4C5/01Cfbblndcapg=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
github.com/knative/build v0.6.0/go.mod h1:/sU74ZQkwlYA5FwYDJhYTy61i/Kn+5eWfln2jDbw3Qo=
github.com/knative/pkg v0.0.0-20190514205332-5e4512dcb2ca/go.mod h1:7Ijfhw7rfB+H9VtosIsDYvZQ+qYTz7auK3fHW/5z4ww=
github.com/knative/serving v0.6.1/go.mod h1:ljvMfwQy2qanaM/8xnBSK4Mz3Vv2NawC2fo5kFRJS1A=
github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk=
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/konsorten/go-windows-terminal-sequences v1.0.2 h1:DB17ag19krx9CFsz4o3enTrPXyIXCl+2iCXH/aMAp9s=
github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
github.com/matryer/moq v0.0.0-20190312154309-6cfb0558e1bd/go.mod h1:9ELz6aaclSIGnZBoaSLZ3NAl1VTufbOrXBPvtcy6WiQ=
github.com/mattbaird/jsonpatch v0.0.0-20171005235357-81af80346b1a/go.mod h1:M1qoD/MqPgTZIk0EWKB38wE28ACRfVcn+cU08jyArI0=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
github.com/modern-go/reflect2 v0.0.0-20180320133207-05fbef0ca5da/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI=
github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/rancher/wrangler v0.1.4 h1:bdzBw4H9JKQhXPBPNp4eHbmrkA24+VII865VLiVWcw8=
github.com/rancher/wrangler v0.1.4/go.mod h1:EYP7cqpg42YqElaCm+U9ieSrGQKAXxUH5xsr+XGpWyE=
github.com/rancher/wrangler-api v0.2.0 h1:VR7hLNnDrKykKLqthtwZ58pDDtUa9ijSNToPaJLEkWc=
github.com/rancher/wrangler-api v0.2.0/go.mod h1:zTPdNLZO07KvRaVOx6XQbKBSV55Fnn4s7nqmrMPJqd8=
github.com/sirupsen/logrus v1.4.1 h1:GL2rEmy6nsikmW0r8opw9JIRScdMF5hA8cOYLH7In1k=
github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff h1:VARhShG49tiji6mdRNp7JTNDtJ0FhuprF93GBQ37xGU=
github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w=
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/
stripe/safesql v0.2.0 h1:xiefmCDd8c35PVSGrL2FhBiaKxviXnGziBDOpOejeBE
=
g
ithub.com/stripe/safesql v0.2.0/go.mod h1:q7b2n0JmzM1mVGfcYpanfVb2j23cXZeWFxcILPn3JV4
=
github.com/
tektoncd/pipeline v0.4.0/go.mod h1:IZzJdiX9EqEMuUcgdnElozdYYRh0/ZRC+NKMLj1K3Yw
=
g
olang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M
=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190506204251-e1dfcc566284 h1:rlLehGeYg6jfoyz/eDqDU1iRXLKfR42nnNh57ytKEWo=
golang.org/x/crypto v0.0.0-20190506204251-e1dfcc566284/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3 h1:0GoQqolDA55aaLxZyTzK/Y2ePZzZTUrRacwib7cNsYQ=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c h1:uOCk1iQW6Vc18bnC13MfzScl+wdKBmM9Y9kU7Z83/lw=
golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190311183353-d8887717615a h1:oWX7TPOiFAMXLq8o0ikBYfCJVlRHBcsciT5bXOrH628=
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/oauth2 v0.0.0-20190402181905-9f3314589c9a h1:tImsplftrFpALCYumobsd0K86vlAs/eXGFms2txfJfA=
golang.org/x/oauth2 v0.0.0-20190402181905-9f3314589c9a/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190423024810-112230192c58 h1:8gQV6CLnAEikrhgkHFbMAEhagSSnXWGV915qUMm9mrU=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33 h1:I6FyU15t786LL7oL/hn43zqTuEGr4PN7F4XJ1p4E3Y8=
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a h1:1BGLXjeY4akVXGgbC9HugT3Jv3hCI0z56oJR5vAMgBU=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d h1:+R4KGOnez64A81RvjARKc4UT5/tI9ujCIVX+P5KiHuI=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190509141414-a5b02f93d862 h1:rM0ROo5vb9AdYJi1110yjWGMej9ITfKddS89P3Fkhug=
golang.org/x/sys v0.0.0-20190509141414-a5b02f93d862/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e h1:FDhOuMEY4JVRztM/gsbk+IKUQ8kj74bxZrgw87eMMVc=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
mvdan.cc/interfacer v0.0.0-20180901003855-c20040233aed h1:WX1yoOaKQfddO/mLzdV4wptyWgoH/6hwLs7QHTixo0I=
mvdan.cc/interfacer v0.0.0-20180901003855-c20040233aed/go.mod h1:Xkxe497xwlCKkIaQYRfC7CSLworTXY9RMqwhhCm+8Nc=
mvdan.cc/lint v0.0.0-20170908181259-adc824a0674b h1:DxJ5nJdkhDlLok9K6qO+5290kphDJbHOQO1DFFFTeBo=
mvdan.cc/lint v0.0.0-20170908181259-adc824a0674b/go.mod h1:2odslEg/xrtNQqCYg2/jCoyKnw3vv5biOc3JnIcYfL4=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
google.golang.org/appengine v1.4.0 h1:/wp5JvzpHIxhs/dumFmF7BXTf3Z+dd4uXta4kVyO508=
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
k8s.io/api v0.0.0-20190409021203-6e4e0e4f393b h1:aBGgKJUM9Hk/3AE8WaZIApnTxG35kbuQba2w+SXqezo=
k8s.io/api v0.0.0-20190409021203-6e4e0e4f393b/go.mod h1:iuAfoD4hCxJ8Onx9kaTIt30j7jUFS00AXQi6QMi99vA=
k8s.io/apiextensions-apiserver v0.0.0-20190409022649-727a075fdec8/go.mod h1:IxkesAMoaCRoLrPJdZNZUQp9NfZnzqaVzLhb2VEQzXE=
k8s.io/apimachinery v0.0.0-20190404173353-6a84e37a896d h1:Jmdtdt1ZnoGfWWIIik61Z7nKYgO3J+swQJtPYsP9wHA=
k8s.io/apimachinery v0.0.0-20190404173353-6a84e37a896d/go.mod h1:ccL7Eh7zubPUSh9A3USN90/OzHNSVN6zxzde07TDCL0=
k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible h1:U5Bt+dab9K8qaUmXINrkXO135kA11/i5Kg1RUydgaMQ=
k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible/go.mod h1:7vJpHMYJwNQCWgzmNV+VYUl1zCObLyodBc8nIyt8L5s=
k8s.io/code-generator v0.0.0-20190311093542-50b561225d70/go.mod h1:MYiN+ZJZ9HkETbgVZdWw2AsuAi9PZ4V80cwfuf2axe8=
k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
k8s.io/gengo v0.0.0-20190327210449-e17681d19d3a/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
k8s.io/klog v0.3.0 h1:0VPpR+sizsiivjIfIAQH/rl8tan6jvWkS7lU+0di3lE=
k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
k8s.io/kube-openapi v0.0.0-20190502190224-411b2483e503/go.mod h1:iU+ZGYsNlvU9XKUSso6SQfKTCCw7lFduMZy26Mgr2Fw=
k8s.io/utils v0.0.0-20190506122338-8fab8cb257d5 h1:VBM/0P5TWxwk+Nw6Z+lAw3DKgO76g90ETOiA6rfLV1Y=
k8s.io/utils v0.0.0-20190506122338-8fab8cb257d5/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew=
sigs.k8s.io/structured-merge-diff v0.0.0-20190426204423-ea680f03cc65/go.mod h1:wWxsB5ozmmv/SG7nM11ayaAW51xMvak/t1r0CSlcokI=
sigs.k8s.io/yaml v1.1.0 h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs=
sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
vendor/github.com/rancher/dynamiclistener/listener.go
0 → 100644
View file @
69949dda
package
dynamiclistener
import
(
"crypto"
"crypto/tls"
"crypto/x509"
"net"
"net/http"
"sync"
"github.com/rancher/dynamiclistener/factory"
"github.com/sirupsen/logrus"
v1
"k8s.io/api/core/v1"
)
type
TLSStorage
interface
{
Get
()
(
*
v1
.
Secret
,
error
)
Update
(
secret
*
v1
.
Secret
)
error
}
type
Config
struct
{
CN
string
Organization
[]
string
TLSConfig
tls
.
Config
SANs
[]
string
}
func
NewListener
(
l
net
.
Listener
,
storage
TLSStorage
,
caCert
*
x509
.
Certificate
,
caKey
crypto
.
Signer
,
config
Config
)
(
net
.
Listener
,
http
.
Handler
,
error
)
{
if
config
.
CN
==
""
{
config
.
CN
=
"dynamic"
}
if
len
(
config
.
Organization
)
==
0
{
config
.
Organization
=
[]
string
{
"dynamic"
}
}
dynamicListener
:=
&
listener
{
factory
:
&
factory
.
TLS
{
CACert
:
caCert
,
CAKey
:
caKey
,
CN
:
config
.
CN
,
Organization
:
config
.
Organization
,
},
Listener
:
l
,
storage
:
&
nonNil
{
storage
:
storage
},
sans
:
config
.
SANs
,
tlsConfig
:
config
.
TLSConfig
,
}
dynamicListener
.
tlsConfig
.
GetCertificate
=
dynamicListener
.
getCertificate
return
tls
.
NewListener
(
dynamicListener
,
&
dynamicListener
.
tlsConfig
),
dynamicListener
.
cacheHandler
(),
nil
}
type
listener
struct
{
sync
.
RWMutex
net
.
Listener
factory
*
factory
.
TLS
storage
TLSStorage
version
string
tlsConfig
tls
.
Config
cert
*
tls
.
Certificate
sans
[]
string
}
func
(
l
*
listener
)
Accept
()
(
net
.
Conn
,
error
)
{
conn
,
err
:=
l
.
Listener
.
Accept
()
if
err
!=
nil
{
return
conn
,
err
}
addr
:=
conn
.
RemoteAddr
()
if
addr
==
nil
{
return
conn
,
nil
}
host
,
_
,
err
:=
net
.
SplitHostPort
(
addr
.
String
())
if
err
!=
nil
{
logrus
.
Errorf
(
"failed to parse network %s: %v"
,
addr
.
Network
(),
err
)
return
conn
,
nil
}
return
conn
,
l
.
updateCert
(
host
)
}
func
(
l
*
listener
)
getCertificate
(
hello
*
tls
.
ClientHelloInfo
)
(
*
tls
.
Certificate
,
error
)
{
if
hello
.
ServerName
!=
""
{
if
err
:=
l
.
updateCert
(
hello
.
ServerName
);
err
!=
nil
{
return
nil
,
err
}
}
return
l
.
loadCert
()
}
func
(
l
*
listener
)
updateCert
(
cn
string
)
error
{
l
.
RLock
()
defer
l
.
RUnlock
()
secret
,
err
:=
l
.
storage
.
Get
()
if
err
!=
nil
{
return
err
}
if
!
factory
.
NeedsUpdate
(
secret
,
append
(
l
.
sans
,
cn
)
...
)
{
return
nil
}
l
.
RUnlock
()
l
.
Lock
()
defer
l
.
RLock
()
defer
l
.
Unlock
()
secret
,
updated
,
err
:=
l
.
factory
.
AddCN
(
secret
,
append
(
l
.
sans
,
cn
)
...
)
if
err
!=
nil
{
return
err
}
if
updated
{
if
err
:=
l
.
storage
.
Update
(
secret
);
err
!=
nil
{
return
err
}
// clear version to force cert reload
l
.
version
=
""
}
return
nil
}
func
(
l
*
listener
)
loadCert
()
(
*
tls
.
Certificate
,
error
)
{
l
.
RLock
()
defer
l
.
RUnlock
()
secret
,
err
:=
l
.
storage
.
Get
()
if
err
!=
nil
{
return
nil
,
err
}
if
l
.
cert
!=
nil
&&
l
.
version
==
secret
.
ResourceVersion
{
return
l
.
cert
,
nil
}
defer
l
.
RLock
()
l
.
RUnlock
()
l
.
Lock
()
defer
l
.
Unlock
()
secret
,
err
=
l
.
storage
.
Get
()
if
err
!=
nil
{
return
nil
,
err
}
if
l
.
cert
!=
nil
&&
l
.
version
==
secret
.
ResourceVersion
{
return
l
.
cert
,
nil
}
cert
,
err
:=
tls
.
X509KeyPair
(
secret
.
Data
[
v1
.
TLSCertKey
],
secret
.
Data
[
v1
.
TLSPrivateKeyKey
])
if
err
!=
nil
{
return
nil
,
err
}
l
.
cert
=
&
cert
return
l
.
cert
,
nil
}
func
(
l
*
listener
)
cacheHandler
()
http
.
Handler
{
return
http
.
HandlerFunc
(
func
(
resp
http
.
ResponseWriter
,
req
*
http
.
Request
)
{
h
,
_
,
err
:=
net
.
SplitHostPort
(
req
.
Host
)
if
err
!=
nil
{
h
=
req
.
Host
}
ip
:=
net
.
ParseIP
(
h
)
if
len
(
ip
)
>
0
{
l
.
updateCert
(
h
)
}
})
}
type
nonNil
struct
{
sync
.
Mutex
storage
TLSStorage
}
func
(
n
*
nonNil
)
Get
()
(
*
v1
.
Secret
,
error
)
{
n
.
Lock
()
defer
n
.
Unlock
()
s
,
err
:=
n
.
storage
.
Get
()
if
err
!=
nil
||
s
==
nil
{
return
&
v1
.
Secret
{},
err
}
return
s
,
nil
}
func
(
n
*
nonNil
)
Update
(
secret
*
v1
.
Secret
)
error
{
n
.
Lock
()
defer
n
.
Unlock
()
return
n
.
storage
.
Update
(
secret
)
}
vendor/github.com/rancher/dynamiclistener/read.go
deleted
100644 → 0
View file @
609c5e5f
package
dynamiclistener
import
(
"fmt"
"io/ioutil"
"path/filepath"
)
func
ReadTLSConfig
(
userConfig
*
UserConfig
)
error
{
var
err
error
path
:=
userConfig
.
CertPath
userConfig
.
CACerts
,
err
=
readPEM
(
filepath
.
Join
(
path
,
"cacerts.pem"
))
if
err
!=
nil
{
return
err
}
userConfig
.
Key
,
err
=
readPEM
(
filepath
.
Join
(
path
,
"key.pem"
))
if
err
!=
nil
{
return
err
}
userConfig
.
Cert
,
err
=
readPEM
(
filepath
.
Join
(
path
,
"cert.pem"
))
if
err
!=
nil
{
return
err
}
valid
:=
false
if
userConfig
.
Key
!=
""
&&
userConfig
.
Cert
!=
""
{
valid
=
true
}
else
if
userConfig
.
Key
==
""
&&
userConfig
.
Cert
==
""
{
valid
=
true
}
if
!
valid
{
return
fmt
.
Errorf
(
"invalid SSL configuration found, please set cert/key, cert/key/cacerts, cacerts only, or none"
)
}
return
nil
}
func
readPEM
(
path
string
)
(
string
,
error
)
{
content
,
err
:=
ioutil
.
ReadFile
(
path
)
if
err
!=
nil
{
return
""
,
nil
}
return
string
(
content
),
nil
}
vendor/github.com/rancher/dynamiclistener/redirect.go
0 → 100644
View file @
69949dda
package
dynamiclistener
import
(
"fmt"
"net"
"net/http"
"strconv"
"strings"
)
// Approach taken from letsencrypt, except manglePort is specific to us
func
HTTPRedirect
(
next
http
.
Handler
)
http
.
Handler
{
return
http
.
HandlerFunc
(
func
(
rw
http
.
ResponseWriter
,
r
*
http
.
Request
)
{
fmt
.
Println
(
"!!!!!"
,
r
.
URL
.
String
(),
r
.
Header
)
if
r
.
Header
.
Get
(
"x-Forwarded-Proto"
)
==
"https"
||
r
.
Header
.
Get
(
"x-Forwarded-Proto"
)
==
"wss"
||
strings
.
HasPrefix
(
r
.
URL
.
Path
,
"/ping"
)
||
strings
.
HasPrefix
(
r
.
URL
.
Path
,
"/health"
)
{
next
.
ServeHTTP
(
rw
,
r
)
return
}
if
r
.
Method
!=
"GET"
&&
r
.
Method
!=
"HEAD"
{
http
.
Error
(
rw
,
"Use HTTPS"
,
http
.
StatusBadRequest
)
return
}
target
:=
"https://"
+
manglePort
(
r
.
Host
)
+
r
.
URL
.
RequestURI
()
http
.
Redirect
(
rw
,
r
,
target
,
http
.
StatusFound
)
})
}
func
manglePort
(
hostport
string
)
string
{
host
,
port
,
err
:=
net
.
SplitHostPort
(
hostport
)
if
err
!=
nil
{
return
hostport
}
portInt
,
err
:=
strconv
.
Atoi
(
port
)
if
err
!=
nil
{
return
hostport
}
portInt
=
((
portInt
/
1000
)
*
1000
)
+
443
return
net
.
JoinHostPort
(
host
,
strconv
.
Itoa
(
portInt
))
}
vendor/github.com/rancher/dynamiclistener/server.go
deleted
100644 → 0
View file @
609c5e5f
package
dynamiclistener
import
(
"context"
"crypto"
"crypto/ecdsa"
"crypto/rsa"
"crypto/tls"
"crypto/x509"
"encoding/base64"
"encoding/pem"
"errors"
"fmt"
"log"
"net"
"net/http"
"reflect"
"strconv"
"strings"
"sync"
"time"
cert
"github.com/rancher/dynamiclistener/cert"
"github.com/sirupsen/logrus"
)
type
server
struct
{
sync
.
Mutex
userConfig
UserConfig
listenConfigStorage
ListenerConfigStorage
tlsCert
*
tls
.
Certificate
ips
map
[
string
]
bool
domains
map
[
string
]
bool
cn
string
listeners
[]
net
.
Listener
servers
[]
*
http
.
Server
activeCA
*
x509
.
Certificate
activeCAKey
crypto
.
Signer
}
func
NewServer
(
listenConfigStorage
ListenerConfigStorage
,
config
UserConfig
)
(
ServerInterface
,
error
)
{
s
:=
&
server
{
userConfig
:
config
,
listenConfigStorage
:
listenConfigStorage
,
cn
:
"cattle"
,
}
s
.
ips
=
map
[
string
]
bool
{}
s
.
domains
=
map
[
string
]
bool
{}
if
err
:=
s
.
userConfigure
();
err
!=
nil
{
return
nil
,
err
}
lc
,
err
:=
listenConfigStorage
.
Get
()
if
err
!=
nil
{
return
nil
,
err
}
return
s
,
s
.
Update
(
lc
)
}
func
(
s
*
server
)
CACert
()
(
string
,
error
)
{
if
s
.
userConfig
.
NoCACerts
{
return
""
,
nil
}
if
s
.
userConfig
.
CACerts
!=
""
{
return
s
.
userConfig
.
CACerts
,
nil
}
return
""
,
fmt
.
Errorf
(
"ca cert not found"
)
}
func
marshalPrivateKey
(
privateKey
crypto
.
Signer
)
(
string
,
[]
byte
,
error
)
{
var
(
keyType
string
bytes
[]
byte
err
error
)
if
key
,
ok
:=
privateKey
.
(
*
ecdsa
.
PrivateKey
);
ok
{
keyType
=
cert
.
ECPrivateKeyBlockType
bytes
,
err
=
x509
.
MarshalECPrivateKey
(
key
)
}
else
if
key
,
ok
:=
privateKey
.
(
*
rsa
.
PrivateKey
);
ok
{
keyType
=
cert
.
RSAPrivateKeyBlockType
bytes
=
x509
.
MarshalPKCS1PrivateKey
(
key
)
}
else
{
keyType
=
cert
.
PrivateKeyBlockType
bytes
,
err
=
x509
.
MarshalPKCS8PrivateKey
(
privateKey
)
}
if
err
!=
nil
{
logrus
.
Errorf
(
"Unable to marshal private key: %v"
,
err
)
}
return
keyType
,
bytes
,
err
}
func
newPrivateKey
()
(
crypto
.
Signer
,
error
)
{
caKeyBytes
,
err
:=
cert
.
MakeEllipticPrivateKeyPEM
()
if
err
!=
nil
{
return
nil
,
err
}
caKeyIFace
,
err
:=
cert
.
ParsePrivateKeyPEM
(
caKeyBytes
)
if
err
!=
nil
{
return
nil
,
err
}
return
caKeyIFace
.
(
crypto
.
Signer
),
nil
}
func
(
s
*
server
)
save
()
(
_err
error
)
{
defer
func
()
{
if
_err
!=
nil
{
logrus
.
Errorf
(
"Saving cert error: %s"
,
_err
)
}
}()
certStr
,
err
:=
certToString
(
s
.
tlsCert
)
if
err
!=
nil
{
return
err
}
cfg
,
err
:=
s
.
listenConfigStorage
.
Get
()
if
err
!=
nil
{
return
err
}
cfg
.
GeneratedCerts
=
map
[
string
]
string
{
s
.
cn
:
certStr
}
_
,
err
=
s
.
listenConfigStorage
.
Set
(
cfg
)
return
err
}
func
(
s
*
server
)
userConfigure
()
error
{
if
s
.
userConfig
.
HTTPSPort
==
0
{
s
.
userConfig
.
HTTPSPort
=
8443
}
for
_
,
d
:=
range
s
.
userConfig
.
Domains
{
s
.
domains
[
d
]
=
true
}
for
_
,
ip
:=
range
s
.
userConfig
.
KnownIPs
{
if
netIP
:=
net
.
ParseIP
(
ip
);
netIP
!=
nil
{
s
.
ips
[
ip
]
=
true
}
}
if
bindAddress
:=
net
.
ParseIP
(
s
.
userConfig
.
BindAddress
);
bindAddress
!=
nil
{
s
.
ips
[
s
.
userConfig
.
BindAddress
]
=
true
}
if
s
.
activeCA
==
nil
&&
s
.
activeCAKey
==
nil
{
if
s
.
userConfig
.
CACerts
!=
""
&&
s
.
userConfig
.
CAKey
!=
""
{
ca
,
err
:=
cert
.
ParseCertsPEM
([]
byte
(
s
.
userConfig
.
CACerts
))
if
err
!=
nil
{
return
err
}
key
,
err
:=
cert
.
ParsePrivateKeyPEM
([]
byte
(
s
.
userConfig
.
CAKey
))
if
err
!=
nil
{
return
err
}
s
.
activeCA
=
ca
[
0
]
s
.
activeCAKey
=
key
.
(
crypto
.
Signer
)
}
else
{
ca
,
key
,
err
:=
genCA
()
if
err
!=
nil
{
return
err
}
s
.
activeCA
=
ca
s
.
activeCAKey
=
key
}
}
return
nil
}
func
genCA
()
(
*
x509
.
Certificate
,
crypto
.
Signer
,
error
)
{
caKey
,
err
:=
newPrivateKey
()
if
err
!=
nil
{
return
nil
,
nil
,
err
}
caCert
,
err
:=
cert
.
NewSelfSignedCACert
(
cert
.
Config
{
CommonName
:
"k3s-ca"
,
Organization
:
[]
string
{
"k3s-org"
},
},
caKey
)
if
err
!=
nil
{
return
nil
,
nil
,
err
}
return
caCert
,
caKey
,
nil
}
func
(
s
*
server
)
Update
(
status
*
ListenerStatus
)
(
_err
error
)
{
s
.
Lock
()
defer
func
()
{
s
.
Unlock
()
if
_err
!=
nil
{
logrus
.
Errorf
(
"Update cert error: %s"
,
_err
)
}
if
s
.
tlsCert
==
nil
{
s
.
getCertificate
(
&
tls
.
ClientHelloInfo
{
ServerName
:
"localhost"
})
}
}()
certString
:=
status
.
GeneratedCerts
[
s
.
cn
]
tlsCert
,
err
:=
stringToCert
(
certString
)
if
err
!=
nil
{
logrus
.
Errorf
(
"Update cert unable to convert string to cert: %s"
,
err
)
s
.
tlsCert
=
nil
}
if
tlsCert
!=
nil
{
s
.
tlsCert
=
tlsCert
for
i
,
certBytes
:=
range
tlsCert
.
Certificate
{
parsedCert
,
err
:=
x509
.
ParseCertificate
(
certBytes
)
if
err
!=
nil
{
logrus
.
Errorf
(
"Update cert %d parse error: %s"
,
i
,
err
)
s
.
tlsCert
=
nil
break
}
isExpired
:=
cert
.
IsCertExpired
(
parsedCert
)
if
isExpired
{
logrus
.
Infof
(
"certificate is about to expire"
)
s
.
tlsCert
=
nil
break
}
ips
:=
map
[
string
]
bool
{}
for
_
,
ip
:=
range
parsedCert
.
IPAddresses
{
ips
[
ip
.
String
()]
=
true
}
domains
:=
map
[
string
]
bool
{}
for
_
,
domain
:=
range
parsedCert
.
DNSNames
{
domains
[
domain
]
=
true
}
if
!
(
reflect
.
DeepEqual
(
ips
,
s
.
ips
)
&&
reflect
.
DeepEqual
(
domains
,
s
.
domains
))
{
subset
:=
true
for
ip
:=
range
s
.
ips
{
if
!
ips
[
ip
]
{
subset
=
false
break
}
}
if
subset
{
for
domain
:=
range
s
.
domains
{
if
!
domains
[
domain
]
{
subset
=
false
break
}
}
}
if
!
subset
{
s
.
tlsCert
=
nil
}
for
ip
:=
range
ips
{
s
.
ips
[
ip
]
=
true
}
for
domain
:=
range
domains
{
s
.
domains
[
domain
]
=
true
}
}
}
}
return
s
.
reload
()
}
func
(
s
*
server
)
shutdown
()
error
{
for
_
,
listener
:=
range
s
.
listeners
{
if
err
:=
listener
.
Close
();
err
!=
nil
{
return
err
}
}
s
.
listeners
=
nil
for
_
,
server
:=
range
s
.
servers
{
go
server
.
Shutdown
(
context
.
Background
())
}
s
.
servers
=
nil
return
nil
}
func
(
s
*
server
)
reload
()
error
{
if
len
(
s
.
listeners
)
>
0
{
return
nil
}
if
err
:=
s
.
shutdown
();
err
!=
nil
{
return
err
}
if
err
:=
s
.
serveHTTPS
();
err
!=
nil
{
return
err
}
return
nil
}
func
(
s
*
server
)
getCertificate
(
hello
*
tls
.
ClientHelloInfo
)
(
_servingCert
*
tls
.
Certificate
,
_err
error
)
{
s
.
Lock
()
changed
:=
false
defer
func
()
{
defer
s
.
Unlock
()
if
_err
!=
nil
{
logrus
.
Errorf
(
"Get certificate error: %s"
,
_err
)
return
}
if
changed
{
s
.
save
()
}
}()
if
hello
.
ServerName
!=
""
&&
!
s
.
domains
[
hello
.
ServerName
]
{
s
.
tlsCert
=
nil
s
.
domains
[
hello
.
ServerName
]
=
true
}
if
s
.
tlsCert
!=
nil
{
return
s
.
tlsCert
,
nil
}
ips
:=
[]
net
.
IP
{}
for
ipStr
:=
range
s
.
ips
{
if
ip
:=
net
.
ParseIP
(
ipStr
);
ip
!=
nil
{
ips
=
append
(
ips
,
ip
)
}
}
dnsNames
:=
[]
string
{}
for
domain
:=
range
s
.
domains
{
dnsNames
=
append
(
dnsNames
,
domain
)
}
cfg
:=
cert
.
Config
{
CommonName
:
s
.
cn
,
Organization
:
s
.
activeCA
.
Subject
.
Organization
,
Usages
:
[]
x509
.
ExtKeyUsage
{
x509
.
ExtKeyUsageServerAuth
},
AltNames
:
cert
.
AltNames
{
DNSNames
:
dnsNames
,
IPs
:
ips
,
},
}
key
,
err
:=
newPrivateKey
()
if
err
!=
nil
{
return
nil
,
err
}
cert
,
err
:=
cert
.
NewSignedCert
(
cfg
,
key
,
s
.
activeCA
,
s
.
activeCAKey
)
if
err
!=
nil
{
return
nil
,
err
}
tlsCert
:=
&
tls
.
Certificate
{
Certificate
:
[][]
byte
{
cert
.
Raw
,
},
PrivateKey
:
key
,
}
changed
=
true
s
.
tlsCert
=
tlsCert
return
tlsCert
,
nil
}
func
(
s
*
server
)
cacheHandler
(
handler
http
.
Handler
)
http
.
Handler
{
return
http
.
HandlerFunc
(
func
(
resp
http
.
ResponseWriter
,
req
*
http
.
Request
)
{
h
,
_
,
err
:=
net
.
SplitHostPort
(
req
.
Host
)
if
err
!=
nil
{
h
=
req
.
Host
}
s
.
Lock
()
if
ip
:=
net
.
ParseIP
(
h
);
ip
!=
nil
{
if
!
s
.
ips
[
h
]
{
s
.
ips
[
h
]
=
true
s
.
tlsCert
=
nil
}
}
else
{
if
!
s
.
domains
[
h
]
{
s
.
domains
[
h
]
=
true
s
.
tlsCert
=
nil
}
}
s
.
Unlock
()
handler
.
ServeHTTP
(
resp
,
req
)
})
}
func
(
s
*
server
)
serveHTTPS
()
error
{
conf
:=
&
tls
.
Config
{
ClientAuth
:
tls
.
RequestClientCert
,
GetCertificate
:
s
.
getCertificate
,
PreferServerCipherSuites
:
true
,
}
listener
,
err
:=
s
.
newListener
(
s
.
userConfig
.
BindAddress
,
s
.
userConfig
.
HTTPSPort
,
conf
)
if
err
!=
nil
{
return
err
}
logger
:=
logrus
.
StandardLogger
()
server
:=
&
http
.
Server
{
Handler
:
s
.
cacheHandler
(
s
.
Handler
()),
ErrorLog
:
log
.
New
(
logger
.
WriterLevel
(
logrus
.
DebugLevel
),
""
,
log
.
LstdFlags
),
}
s
.
servers
=
append
(
s
.
servers
,
server
)
s
.
startServer
(
listener
,
server
)
if
s
.
userConfig
.
HTTPPort
>
0
{
httpListener
,
err
:=
s
.
newListener
(
s
.
userConfig
.
BindAddress
,
s
.
userConfig
.
HTTPPort
,
nil
)
if
err
!=
nil
{
return
err
}
httpServer
:=
&
http
.
Server
{
Handler
:
s
.
cacheHandler
(
httpRedirect
(
s
.
Handler
())),
ErrorLog
:
log
.
New
(
logger
.
WriterLevel
(
logrus
.
DebugLevel
),
""
,
log
.
LstdFlags
),
}
s
.
servers
=
append
(
s
.
servers
,
httpServer
)
s
.
startServer
(
httpListener
,
httpServer
)
}
return
nil
}
// Approach taken from letsencrypt, except manglePort is specific to us
func
httpRedirect
(
next
http
.
Handler
)
http
.
Handler
{
return
http
.
HandlerFunc
(
func
(
rw
http
.
ResponseWriter
,
r
*
http
.
Request
)
{
if
r
.
Header
.
Get
(
"x-Forwarded-Proto"
)
==
"https"
||
strings
.
HasPrefix
(
r
.
URL
.
Path
,
"/ping"
)
||
strings
.
HasPrefix
(
r
.
URL
.
Path
,
"/health"
)
{
next
.
ServeHTTP
(
rw
,
r
)
return
}
if
r
.
Method
!=
"GET"
&&
r
.
Method
!=
"HEAD"
{
http
.
Error
(
rw
,
"Use HTTPS"
,
http
.
StatusBadRequest
)
return
}
target
:=
"https://"
+
manglePort
(
r
.
Host
)
+
r
.
URL
.
RequestURI
()
http
.
Redirect
(
rw
,
r
,
target
,
http
.
StatusFound
)
})
}
func
manglePort
(
hostport
string
)
string
{
host
,
port
,
err
:=
net
.
SplitHostPort
(
hostport
)
if
err
!=
nil
{
return
hostport
}
portInt
,
err
:=
strconv
.
Atoi
(
port
)
if
err
!=
nil
{
return
hostport
}
portInt
=
((
portInt
/
1000
)
*
1000
)
+
443
return
net
.
JoinHostPort
(
host
,
strconv
.
Itoa
(
portInt
))
}
func
(
s
*
server
)
startServer
(
listener
net
.
Listener
,
server
*
http
.
Server
)
{
go
func
()
{
if
err
:=
server
.
Serve
(
listener
);
err
!=
nil
{
logrus
.
Errorf
(
"server on %v returned err: %v"
,
listener
.
Addr
(),
err
)
}
}()
}
func
(
s
*
server
)
Handler
()
http
.
Handler
{
return
s
.
userConfig
.
Handler
}
func
(
s
*
server
)
newListener
(
ip
string
,
port
int
,
config
*
tls
.
Config
)
(
net
.
Listener
,
error
)
{
addr
:=
fmt
.
Sprintf
(
"%s:%d"
,
ip
,
port
)
l
,
err
:=
net
.
Listen
(
"tcp"
,
addr
)
if
err
!=
nil
{
return
nil
,
err
}
l
=
tcpKeepAliveListener
{
l
.
(
*
net
.
TCPListener
)}
if
config
!=
nil
{
l
=
tls
.
NewListener
(
l
,
config
)
}
s
.
listeners
=
append
(
s
.
listeners
,
l
)
logrus
.
Info
(
"Listening on "
,
addr
)
return
l
,
nil
}
func
stringToCert
(
certString
string
)
(
*
tls
.
Certificate
,
error
)
{
parts
:=
strings
.
Split
(
certString
,
"#"
)
if
len
(
parts
)
!=
2
{
return
nil
,
errors
.
New
(
"Unable to split cert into two parts"
)
}
certPart
,
keyPart
:=
parts
[
0
],
parts
[
1
]
keyBytes
,
err
:=
base64
.
StdEncoding
.
DecodeString
(
keyPart
)
if
err
!=
nil
{
return
nil
,
err
}
key
,
err
:=
cert
.
ParsePrivateKeyPEM
(
keyBytes
)
if
err
!=
nil
{
return
nil
,
err
}
certBytes
,
err
:=
base64
.
StdEncoding
.
DecodeString
(
certPart
)
if
err
!=
nil
{
return
nil
,
err
}
return
&
tls
.
Certificate
{
Certificate
:
[][]
byte
{
certBytes
},
PrivateKey
:
key
,
},
nil
}
func
certToString
(
cert
*
tls
.
Certificate
)
(
string
,
error
)
{
keyType
,
keyBytes
,
err
:=
marshalPrivateKey
(
cert
.
PrivateKey
.
(
crypto
.
Signer
))
if
err
!=
nil
{
return
""
,
err
}
privateKeyPemBlock
:=
&
pem
.
Block
{
Type
:
keyType
,
Bytes
:
keyBytes
,
}
pemBytes
:=
pem
.
EncodeToMemory
(
privateKeyPemBlock
)
certString
:=
base64
.
StdEncoding
.
EncodeToString
(
cert
.
Certificate
[
0
])
keyString
:=
base64
.
StdEncoding
.
EncodeToString
(
pemBytes
)
return
certString
+
"#"
+
keyString
,
nil
}
type
tcpKeepAliveListener
struct
{
*
net
.
TCPListener
}
func
(
ln
tcpKeepAliveListener
)
Accept
()
(
c
net
.
Conn
,
err
error
)
{
tc
,
err
:=
ln
.
AcceptTCP
()
if
err
!=
nil
{
return
}
tc
.
SetKeepAlive
(
true
)
tc
.
SetKeepAlivePeriod
(
3
*
time
.
Minute
)
return
tc
,
nil
}
vendor/github.com/rancher/dynamiclistener/storage/file/file.go
0 → 100644
View file @
69949dda
package
file
import
(
"encoding/json"
"github.com/rancher/dynamiclistener"
"k8s.io/api/core/v1"
"os"
)
func
New
(
file
string
)
dynamiclistener
.
TLSStorage
{
return
&
storage
{
file
:
file
,
}
}
type
storage
struct
{
file
string
}
func
(
s
*
storage
)
Get
()
(
*
v1
.
Secret
,
error
)
{
f
,
err
:=
os
.
Open
(
s
.
file
)
if
os
.
IsNotExist
(
err
)
{
return
nil
,
nil
}
else
if
err
!=
nil
{
return
nil
,
err
}
defer
f
.
Close
()
secret
:=
v1
.
Secret
{}
return
&
secret
,
json
.
NewDecoder
(
f
)
.
Decode
(
&
secret
)
}
func
(
s
*
storage
)
Update
(
secret
*
v1
.
Secret
)
error
{
f
,
err
:=
os
.
Create
(
s
.
file
)
if
err
!=
nil
{
return
err
}
defer
f
.
Close
()
return
json
.
NewEncoder
(
f
)
.
Encode
(
secret
)
}
vendor/github.com/rancher/dynamiclistener/storage/kubernetes/controller.go
0 → 100644
View file @
69949dda
package
kubernetes
import
(
"context"
"sync"
"time"
"github.com/rancher/dynamiclistener"
"github.com/rancher/wrangler-api/pkg/generated/controllers/core"
v1controller
"github.com/rancher/wrangler-api/pkg/generated/controllers/core/v1"
"github.com/rancher/wrangler/pkg/start"
v1
"k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/equality"
)
type
CoreGetter
func
()
*
core
.
Factory
func
New
(
ctx
context
.
Context
,
core
CoreGetter
,
namespace
,
name
string
,
backing
dynamiclistener
.
TLSStorage
)
dynamiclistener
.
TLSStorage
{
storage
:=
&
storage
{
name
:
name
,
namespace
:
namespace
,
storage
:
backing
,
ctx
:
ctx
,
}
// lazy init
go
func
()
{
for
{
core
:=
core
()
if
core
!=
nil
{
storage
.
init
(
core
.
Core
()
.
V1
()
.
Secret
())
start
.
All
(
ctx
,
5
,
core
)
return
}
select
{
case
<-
ctx
.
Done
()
:
return
case
<-
time
.
After
(
time
.
Second
)
:
}
}
}()
return
storage
}
type
storage
struct
{
sync
.
Mutex
namespace
,
name
string
storage
dynamiclistener
.
TLSStorage
secrets
v1controller
.
SecretClient
ctx
context
.
Context
}
func
(
s
*
storage
)
init
(
secrets
v1controller
.
SecretController
)
{
s
.
Lock
()
defer
s
.
Unlock
()
secrets
.
OnChange
(
s
.
ctx
,
"tls-storage"
,
func
(
key
string
,
secret
*
v1
.
Secret
)
(
*
v1
.
Secret
,
error
)
{
if
secret
==
nil
{
return
nil
,
nil
}
if
secret
.
Namespace
==
s
.
namespace
&&
secret
.
Name
==
s
.
name
{
if
err
:=
s
.
Update
(
secret
);
err
!=
nil
{
return
nil
,
err
}
}
return
secret
,
nil
})
s
.
secrets
=
secrets
}
func
(
s
*
storage
)
Get
()
(
*
v1
.
Secret
,
error
)
{
s
.
Lock
()
defer
s
.
Unlock
()
return
s
.
storage
.
Get
()
}
func
(
s
*
storage
)
Update
(
secret
*
v1
.
Secret
)
(
err
error
)
{
s
.
Lock
()
defer
s
.
Unlock
()
if
s
.
secrets
!=
nil
{
if
secret
.
UID
==
""
{
secret
.
Name
=
s
.
name
secret
.
Namespace
=
s
.
namespace
secret
,
err
=
s
.
secrets
.
Create
(
secret
)
if
err
!=
nil
{
return
err
}
}
else
{
existingSecret
,
err
:=
s
.
storage
.
Get
()
if
err
!=
nil
{
return
err
}
if
!
equality
.
Semantic
.
DeepEqual
(
secret
.
Data
,
existingSecret
.
Data
)
{
secret
,
err
=
s
.
secrets
.
Update
(
secret
)
if
err
!=
nil
{
return
err
}
}
}
}
return
s
.
storage
.
Update
(
secret
)
}
vendor/github.com/rancher/dynamiclistener/storage/memory/memory.go
0 → 100644
View file @
69949dda
package
memory
import
(
"github.com/rancher/dynamiclistener"
v1
"k8s.io/api/core/v1"
)
func
New
()
dynamiclistener
.
TLSStorage
{
return
&
memory
{}
}
func
NewBacked
(
storage
dynamiclistener
.
TLSStorage
)
dynamiclistener
.
TLSStorage
{
return
&
memory
{
storage
:
storage
}
}
type
memory
struct
{
storage
dynamiclistener
.
TLSStorage
secret
*
v1
.
Secret
}
func
(
m
*
memory
)
Get
()
(
*
v1
.
Secret
,
error
)
{
if
m
.
secret
==
nil
&&
m
.
storage
!=
nil
{
secret
,
err
:=
m
.
storage
.
Get
()
if
err
!=
nil
{
return
nil
,
err
}
m
.
secret
=
secret
}
return
m
.
secret
,
nil
}
func
(
m
*
memory
)
Update
(
secret
*
v1
.
Secret
)
error
{
if
m
.
storage
!=
nil
{
if
err
:=
m
.
storage
.
Update
(
secret
);
err
!=
nil
{
return
err
}
}
m
.
secret
=
secret
return
nil
}
vendor/github.com/rancher/dynamiclistener/tcp.go
0 → 100644
View file @
69949dda
package
dynamiclistener
import
(
"fmt"
"net"
"reflect"
"time"
)
func
NewTCPListener
(
ip
string
,
port
int
)
(
net
.
Listener
,
error
)
{
l
,
err
:=
net
.
Listen
(
"tcp"
,
fmt
.
Sprintf
(
"%s:%d"
,
ip
,
port
))
if
err
!=
nil
{
return
nil
,
err
}
tcpListener
,
ok
:=
l
.
(
*
net
.
TCPListener
)
if
!
ok
{
return
nil
,
fmt
.
Errorf
(
"wrong listener type: %v"
,
reflect
.
TypeOf
(
tcpListener
))
}
return
tcpKeepAliveListener
{
TCPListener
:
tcpListener
,
},
nil
}
type
tcpKeepAliveListener
struct
{
*
net
.
TCPListener
}
func
(
ln
tcpKeepAliveListener
)
Accept
()
(
c
net
.
Conn
,
err
error
)
{
tc
,
err
:=
ln
.
AcceptTCP
()
if
err
!=
nil
{
return
}
tc
.
SetKeepAlive
(
true
)
tc
.
SetKeepAlivePeriod
(
3
*
time
.
Minute
)
return
tc
,
nil
}
vendor/github.com/rancher/dynamiclistener/types.go
deleted
100644 → 0
View file @
609c5e5f
package
dynamiclistener
import
(
"net/http"
)
type
ListenerConfigStorage
interface
{
Set
(
*
ListenerStatus
)
(
*
ListenerStatus
,
error
)
Get
()
(
*
ListenerStatus
,
error
)
}
type
ServerInterface
interface
{
Update
(
status
*
ListenerStatus
)
error
CACert
()
(
string
,
error
)
}
type
UserConfig
struct
{
// Required fields
Handler
http
.
Handler
HTTPPort
int
HTTPSPort
int
CertPath
string
// Optional fields
KnownIPs
[]
string
Domains
[]
string
Mode
string
NoCACerts
bool
CACerts
string
CAKey
string
Cert
string
Key
string
BindAddress
string
}
type
ListenerStatus
struct
{
Revision
string
`json:"revision,omitempty"`
CACert
string
`json:"caCert,omitempty"`
CAKey
string
`json:"caKey,omitempty"`
GeneratedCerts
map
[
string
]
string
`json:"generatedCerts" norman:"nocreate,noupdate"`
KnownIPs
map
[
string
]
bool
`json:"knownIps" norman:"nocreate,noupdate"`
}
func
(
l
*
ListenerStatus
)
DeepCopyInto
(
t
*
ListenerStatus
)
{
t
.
Revision
=
l
.
Revision
t
.
CACert
=
l
.
CACert
t
.
CAKey
=
l
.
CAKey
t
.
GeneratedCerts
=
copyMap
(
t
.
GeneratedCerts
)
t
.
KnownIPs
=
map
[
string
]
bool
{}
for
k
,
v
:=
range
l
.
KnownIPs
{
t
.
KnownIPs
[
k
]
=
v
}
}
func
copyMap
(
m
map
[
string
]
string
)
map
[
string
]
string
{
ret
:=
map
[
string
]
string
{}
for
k
,
v
:=
range
m
{
ret
[
k
]
=
v
}
return
ret
}
vendor/github.com/rancher/kine/pkg/client/client.go
deleted
100644 → 0
View file @
609c5e5f
package
client
import
(
"context"
"fmt"
"time"
"github.com/coreos/etcd/clientv3"
"github.com/rancher/kine/pkg/endpoint"
)
type
Value
struct
{
Data
[]
byte
Modified
int64
}
type
Client
interface
{
Get
(
ctx
context
.
Context
,
key
string
)
(
Value
,
error
)
Put
(
ctx
context
.
Context
,
key
string
,
value
[]
byte
)
error
Create
(
ctx
context
.
Context
,
key
string
,
value
[]
byte
)
error
Update
(
ctx
context
.
Context
,
key
string
,
revision
int64
,
value
[]
byte
)
error
Close
()
error
}
type
client
struct
{
c
*
clientv3
.
Client
}
func
New
(
config
endpoint
.
ETCDConfig
)
(
Client
,
error
)
{
tlsConfig
,
err
:=
config
.
TLSConfig
.
ClientConfig
()
if
err
!=
nil
{
return
nil
,
err
}
c
,
err
:=
clientv3
.
New
(
clientv3
.
Config
{
Endpoints
:
config
.
Endpoints
,
DialTimeout
:
5
*
time
.
Second
,
TLS
:
tlsConfig
,
})
if
err
!=
nil
{
return
nil
,
err
}
return
&
client
{
c
:
c
,
},
nil
}
func
(
c
*
client
)
Get
(
ctx
context
.
Context
,
key
string
)
(
Value
,
error
)
{
resp
,
err
:=
c
.
c
.
Get
(
ctx
,
key
)
if
err
!=
nil
{
return
Value
{},
err
}
if
len
(
resp
.
Kvs
)
==
1
{
return
Value
{
Data
:
resp
.
Kvs
[
0
]
.
Value
,
Modified
:
resp
.
Kvs
[
0
]
.
ModRevision
,
},
nil
}
return
Value
{},
nil
}
func
(
c
*
client
)
Put
(
ctx
context
.
Context
,
key
string
,
value
[]
byte
)
error
{
val
,
err
:=
c
.
Get
(
ctx
,
key
)
if
err
!=
nil
{
return
err
}
if
val
.
Modified
==
0
{
return
c
.
Create
(
ctx
,
key
,
value
)
}
return
c
.
Update
(
ctx
,
key
,
val
.
Modified
,
value
)
}
func
(
c
*
client
)
Create
(
ctx
context
.
Context
,
key
string
,
value
[]
byte
)
error
{
resp
,
err
:=
c
.
c
.
Txn
(
ctx
)
.
If
(
clientv3
.
Compare
(
clientv3
.
ModRevision
(
key
),
"="
,
0
))
.
Then
(
clientv3
.
OpPut
(
key
,
string
(
value
)))
.
Commit
()
if
err
!=
nil
{
return
err
}
if
!
resp
.
Succeeded
{
return
fmt
.
Errorf
(
"key exists"
)
}
return
nil
}
func
(
c
*
client
)
Update
(
ctx
context
.
Context
,
key
string
,
revision
int64
,
value
[]
byte
)
error
{
resp
,
err
:=
c
.
c
.
Txn
(
ctx
)
.
If
(
clientv3
.
Compare
(
clientv3
.
ModRevision
(
key
),
"="
,
revision
))
.
Then
(
clientv3
.
OpPut
(
key
,
string
(
value
)))
.
Else
(
clientv3
.
OpGet
(
key
))
.
Commit
()
if
err
!=
nil
{
return
err
}
if
!
resp
.
Succeeded
{
return
fmt
.
Errorf
(
"revision %d doesnt match"
,
revision
)
}
return
nil
}
func
(
c
*
client
)
Close
()
error
{
return
c
.
c
.
Close
()
}
vendor/modules.txt
View file @
69949dda
...
...
@@ -479,9 +479,9 @@ github.com/godbus/dbus
github.com/gogo/googleapis/google/rpc
# github.com/gogo/protobuf v1.3.0
github.com/gogo/protobuf/types
github.com/gogo/protobuf/gogoproto
github.com/gogo/protobuf/proto
github.com/gogo/protobuf/sortkeys
github.com/gogo/protobuf/gogoproto
github.com/gogo/protobuf/protoc-gen-gogo/descriptor
# github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef
github.com/golang/groupcache/lru
...
...
@@ -617,7 +617,7 @@ github.com/json-iterator/go
github.com/juju/errors
# github.com/karrick/godirwalk v1.7.5
github.com/karrick/godirwalk
# github.com/konsorten/go-windows-terminal-sequences v1.0.
2
# github.com/konsorten/go-windows-terminal-sequences v1.0.
1
github.com/konsorten/go-windows-terminal-sequences
# github.com/kubernetes-sigs/cri-tools v0.0.0-00010101000000-000000000000 => github.com/rancher/cri-tools v1.16.1-k3s.1
github.com/kubernetes-sigs/cri-tools/cmd/crictl
...
...
@@ -726,8 +726,12 @@ github.com/prometheus/procfs/internal/util
# github.com/rakelkar/gonetsh v0.0.0-20190719023240-501daadcadf8
github.com/rakelkar/gonetsh/netroute
github.com/rakelkar/gonetsh/netsh
# github.com/rancher/dynamiclistener v0.1.1-0.201910
10011134-8a2488bc860a
# github.com/rancher/dynamiclistener v0.1.1-0.201910
31022009-6224794ef3cb
github.com/rancher/dynamiclistener
github.com/rancher/dynamiclistener/factory
github.com/rancher/dynamiclistener/storage/file
github.com/rancher/dynamiclistener/storage/kubernetes
github.com/rancher/dynamiclistener/storage/memory
github.com/rancher/dynamiclistener/cert
# github.com/rancher/helm-controller v0.2.2
github.com/rancher/helm-controller/pkg/generated/controllers/helm.cattle.io
...
...
@@ -745,7 +749,6 @@ github.com/rancher/helm-controller/pkg/generated/informers/externalversions/inte
github.com/rancher/helm-controller/pkg/apis/helm.cattle.io
# github.com/rancher/kine v0.0.0-00010101000000-000000000000 => github.com/ibuildthecloud/kine v0.1.0
github.com/rancher/kine/pkg/endpoint
github.com/rancher/kine/pkg/client
github.com/rancher/kine/pkg/drivers/mysql
github.com/rancher/kine/pkg/drivers/pgsql
github.com/rancher/kine/pkg/drivers/sqlite
...
...
@@ -758,8 +761,8 @@ github.com/rancher/kine/pkg/broadcaster
# github.com/rancher/remotedialer v0.2.0
github.com/rancher/remotedialer
# github.com/rancher/wrangler v0.2.0
github.com/rancher/wrangler/pkg/start
github.com/rancher/wrangler/pkg/signals
github.com/rancher/wrangler/pkg/start
github.com/rancher/wrangler/pkg/controller-gen
github.com/rancher/wrangler/pkg/controller-gen/args
github.com/rancher/wrangler/pkg/cleanup
...
...
@@ -1021,15 +1024,15 @@ google.golang.org/api/transport/http/internal/propagation
# google.golang.org/appengine v1.5.0
google.golang.org/appengine/cloudsql
google.golang.org/appengine/urlfetch
google.golang.org/appengine
google.golang.org/appengine/internal
google.golang.org/appengine/internal/urlfetch
google.golang.org/appengine
google.golang.org/appengine/internal/app_identity
google.golang.org/appengine/internal/modules
google.golang.org/appengine/internal/base
google.golang.org/appengine/internal/datastore
google.golang.org/appengine/internal/log
google.golang.org/appengine/internal/remote_api
google.golang.org/appengine/internal/app_identity
google.golang.org/appengine/internal/modules
# google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873
google.golang.org/genproto/googleapis/rpc/status
google.golang.org/genproto/googleapis/api/annotations
...
...
@@ -1092,12 +1095,14 @@ k8s.io/api/core/v1
k8s.io/api/extensions/v1beta1
k8s.io/api/networking/v1
k8s.io/api/apps/v1
k8s.io/api/authentication/v1
k8s.io/api/autoscaling/v1
k8s.io/api/policy/v1beta1
k8s.io/api/apps/v1beta1
k8s.io/api/admissionregistration/v1
k8s.io/api/admissionregistration/v1beta1
k8s.io/api/apps/v1beta2
k8s.io/api/auditregistration/v1alpha1
k8s.io/api/autoscaling/v1
k8s.io/api/autoscaling/v2beta1
k8s.io/api/autoscaling/v2beta2
k8s.io/api/batch/v1
...
...
@@ -1111,7 +1116,6 @@ k8s.io/api/events/v1beta1
k8s.io/api/networking/v1beta1
k8s.io/api/node/v1alpha1
k8s.io/api/node/v1beta1
k8s.io/api/policy/v1beta1
k8s.io/api/rbac/v1
k8s.io/api/rbac/v1alpha1
k8s.io/api/rbac/v1beta1
...
...
@@ -1122,7 +1126,6 @@ k8s.io/api/settings/v1alpha1
k8s.io/api/storage/v1
k8s.io/api/storage/v1alpha1
k8s.io/api/storage/v1beta1
k8s.io/api/authentication/v1
k8s.io/api/authentication/v1beta1
k8s.io/api/authorization/v1
k8s.io/api/authorization/v1beta1
...
...
@@ -1178,9 +1181,10 @@ k8s.io/apiextensions-apiserver/pkg/client/informers/externalversions/apiextensio
k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1
k8s.io/apiextensions-apiserver/pkg/client/listers/apiextensions/v1beta1
# k8s.io/apimachinery v0.0.0 => github.com/rancher/kubernetes/staging/src/k8s.io/apimachinery v1.16.2-k3s.1
k8s.io/apimachinery/pkg/api/equality
k8s.io/apimachinery/pkg/apis/meta/v1
k8s.io/apimachinery/pkg/util/json
k8s.io/apimachinery/pkg/util/net
k8s.io/apimachinery/pkg/apis/meta/v1
k8s.io/apimachinery/pkg/labels
k8s.io/apimachinery/pkg/util/intstr
k8s.io/apimachinery/pkg/fields
...
...
@@ -1193,20 +1197,20 @@ k8s.io/apimachinery/pkg/apis/meta/v1/unstructured
k8s.io/apimachinery/pkg/util/yaml
k8s.io/apimachinery/pkg/runtime/serializer
k8s.io/apimachinery/pkg/util/runtime
k8s.io/apimachinery/pkg/api/equality
k8s.io/apimachinery/pkg/api/resource
k8s.io/apimachinery/pkg/conversion
k8s.io/apimachinery/pkg/selection
k8s.io/apimachinery/pkg/util/errors
k8s.io/apimachinery/pkg/util/validation
k8s.io/apimachinery/pkg/util/sets
k8s.io/apimachinery/pkg/util/wait
k8s.io/apimachinery/pkg/util/strategicpatch
k8s.io/apimachinery/pkg/api/resource
k8s.io/apimachinery/pkg/conversion
k8s.io/apimachinery/pkg/selection
k8s.io/apimachinery/pkg/api/meta
k8s.io/apimachinery/pkg/util/cache
k8s.io/apimachinery/pkg/util/clock
k8s.io/apimachinery/pkg/util/diff
k8s.io/apimachinery/pkg/util/naming
k8s.io/apimachinery/pkg/runtime/serializer/streaming
k8s.io/apimachinery/pkg/conversion/queryparams
k8s.io/apimachinery/pkg/api/validation/path
k8s.io/apimachinery/pkg/apis/meta/internalversion
...
...
@@ -1215,7 +1219,6 @@ k8s.io/apimachinery/pkg/util/rand
k8s.io/apimachinery/pkg/util/jsonmergepatch
k8s.io/apimachinery/pkg/util/validation/field
k8s.io/apimachinery/pkg/version
k8s.io/apimachinery/pkg/runtime/serializer/streaming
k8s.io/apimachinery/pkg/runtime/serializer/json
k8s.io/apimachinery/pkg/runtime/serializer/protobuf
k8s.io/apimachinery/pkg/runtime/serializer/recognizer
...
...
@@ -1224,9 +1227,9 @@ k8s.io/apimachinery/pkg/util/waitgroup
k8s.io/apimachinery/pkg/util/httpstream
k8s.io/apimachinery/pkg/util/remotecommand
k8s.io/apimachinery/pkg/util/httpstream/spdy
k8s.io/apimachinery/third_party/forked/golang/reflect
k8s.io/apimachinery/pkg/util/mergepatch
k8s.io/apimachinery/third_party/forked/golang/json
k8s.io/apimachinery/third_party/forked/golang/reflect
k8s.io/apimachinery/pkg/util/version
k8s.io/apimachinery/pkg/util/proxy
k8s.io/apimachinery/pkg/apis/meta/v1beta1
...
...
@@ -1366,31 +1369,22 @@ k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/hash
k8s.io/cli-runtime/pkg/kustomize/k8sdeps/transformer/patch
k8s.io/cli-runtime/pkg/kustomize/k8sdeps/kv
# k8s.io/client-go v11.0.1-0.20190409021438-1a26190bd76a+incompatible => github.com/rancher/kubernetes/staging/src/k8s.io/client-go v1.16.2-k3s.1
k8s.io/client-go/tools/clientcmd
k8s.io/client-go/util/cert
k8s.io/client-go/kubernetes
k8s.io/client-go/kubernetes/typed/core/v1
k8s.io/client-go/tools/clientcmd
k8s.io/client-go/informers
k8s.io/client-go/listers/core/v1
k8s.io/client-go/tools/cache
k8s.io/client-go/
transpor
t
k8s.io/client-go/
res
t
k8s.io/client-go/tools/clientcmd/api
k8s.io/client-go/discovery
k8s.io/client-go/rest
k8s.io/client-go/util/flowcontrol
k8s.io/client-go/discovery/fake
k8s.io/client-go/testing
k8s.io/client-go/kubernetes/typed/apps/v1
k8s.io/client-go/kubernetes/typed/core/v1
k8s.io/client-go/tools/portforward
k8s.io/client-go/tools/remotecommand
k8s.io/client-go/transport/spdy
k8s.io/client-go/informers/core
k8s.io/client-go/kubernetes/scheme
k8s.io/client-go/informers/core/v1
k8s.io/client-go/tools/auth
k8s.io/client-go/tools/clientcmd/api/latest
k8s.io/client-go/util/homedir
k8s.io/client-go/util/keyutil
k8s.io/client-go/kubernetes/typed/admissionregistration/v1
k8s.io/client-go/kubernetes/typed/admissionregistration/v1beta1
k8s.io/client-go/kubernetes/typed/apps/v1beta1
...
...
@@ -1427,6 +1421,11 @@ k8s.io/client-go/kubernetes/typed/settings/v1alpha1
k8s.io/client-go/kubernetes/typed/storage/v1
k8s.io/client-go/kubernetes/typed/storage/v1alpha1
k8s.io/client-go/kubernetes/typed/storage/v1beta1
k8s.io/client-go/kubernetes/scheme
k8s.io/client-go/tools/reference
k8s.io/client-go/tools/auth
k8s.io/client-go/tools/clientcmd/api/latest
k8s.io/client-go/util/homedir
k8s.io/client-go/informers/admissionregistration
k8s.io/client-go/informers/apps
k8s.io/client-go/informers/auditregistration
...
...
@@ -1434,6 +1433,7 @@ k8s.io/client-go/informers/autoscaling
k8s.io/client-go/informers/batch
k8s.io/client-go/informers/certificates
k8s.io/client-go/informers/coordination
k8s.io/client-go/informers/core
k8s.io/client-go/informers/discovery
k8s.io/client-go/informers/events
k8s.io/client-go/informers/extensions
...
...
@@ -1447,10 +1447,17 @@ k8s.io/client-go/informers/settings
k8s.io/client-go/informers/storage
k8s.io/client-go/tools/pager
k8s.io/client-go/util/retry
k8s.io/client-go/pkg/version
k8s.io/client-go/plugin/pkg/client/auth/exec
k8s.io/client-go/rest/watch
k8s.io/client-go/tools/metrics
k8s.io/client-go/transport
k8s.io/client-go/util/cert
k8s.io/client-go/informers/core/v1
k8s.io/client-go/tools/record
k8s.io/client-go/util/certificate
k8s.io/client-go/util/connrotation
k8s.io/client-go/
tools/metrics
k8s.io/client-go/
util/keyutil
k8s.io/client-go/tools/leaderelection
k8s.io/client-go/tools/leaderelection/resourcelock
k8s.io/client-go/discovery/cached
...
...
@@ -1460,13 +1467,9 @@ k8s.io/client-go/metadata
k8s.io/client-go/metadata/metadatainformer
k8s.io/client-go/restmapper
k8s.io/client-go/scale
k8s.io/client-go/pkg/version
k8s.io/client-go/plugin/pkg/client/auth/exec
k8s.io/client-go/rest/watch
k8s.io/client-go/util/workqueue
k8s.io/client-go/informers/apps/v1
k8s.io/client-go/listers/apps/v1
k8s.io/client-go/tools/reference
k8s.io/client-go/util/exec
k8s.io/client-go/tools/clientcmd/api/v1
k8s.io/client-go/informers/admissionregistration/v1
...
...
@@ -1501,6 +1504,9 @@ k8s.io/client-go/informers/settings/v1alpha1
k8s.io/client-go/informers/storage/v1
k8s.io/client-go/informers/storage/v1alpha1
k8s.io/client-go/informers/storage/v1beta1
k8s.io/client-go/pkg/apis/clientauthentication
k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1
k8s.io/client-go/pkg/apis/clientauthentication/v1beta1
k8s.io/client-go/tools/record/util
k8s.io/client-go/util/certificate/csr
k8s.io/client-go/listers/storage/v1beta1
...
...
@@ -1522,9 +1528,6 @@ k8s.io/client-go/listers/coordination/v1beta1
k8s.io/client-go/listers/autoscaling/v1
k8s.io/client-go/listers/storage/v1
k8s.io/client-go/tools/events
k8s.io/client-go/pkg/apis/clientauthentication
k8s.io/client-go/pkg/apis/clientauthentication/v1alpha1
k8s.io/client-go/pkg/apis/clientauthentication/v1beta1
k8s.io/client-go/discovery/cached/disk
k8s.io/client-go/util/jsonpath
k8s.io/client-go/listers/admissionregistration/v1
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment