rebase: bump the github-dependencies group across 1 directory with 7 updates

Bumps the github-dependencies group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) | `1.55.5` | `1.55.6` | | [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) | `1.33.2` | `1.33.10` | | [github.com/kubernetes-csi/csi-lib-utils](https://github.com/kubernetes-csi/csi-lib-utils) | `0.19.0` | `0.20.0` | | [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) | `2.22.0` | `2.22.2` | | [github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go) | `1.8.0` | `1.8.1` | | [github.com/csi-addons/kubernetes-csi-addons](https://github.com/csi-addons/kubernetes-csi-addons) | `0.9.0` | `0.11.0` | Updates `github.com/aws/aws-sdk-go` from 1.55.5 to 1.55.6 - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG_PENDING.md) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.55.5...v1.55.6) Updates `github.com/aws/aws-sdk-go-v2/service/sts` from 1.33.2 to 1.33.10 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/fms/v1.33.2...service/sns/v1.33.10) Updates `github.com/kubernetes-csi/csi-lib-utils` from 0.19.0 to 0.20.0 - [Release notes](https://github.com/kubernetes-csi/csi-lib-utils/releases) - [Commits](https://github.com/kubernetes-csi/csi-lib-utils/compare/v0.19.0...v0.20.0) Updates `github.com/onsi/ginkgo/v2` from 2.22.0 to 2.22.2 - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/ginkgo/compare/v2.22.0...v2.22.2) Updates `github.com/onsi/gomega` from 1.36.1 to 1.36.2 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.36.1...v1.36.2) Updates `github.com/Azure/azure-sdk-for-go/sdk/azidentity` from 1.8.0 to 1.8.1 - [Release notes](https://github.com/Azure/azure-sdk-for-go/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md) - [Commits](https://github.com/Azure/azure-sdk-for-go/compare/sdk/azcore/v1.8.0...sdk/azidentity/v1.8.1) Updates `github.com/csi-addons/kubernetes-csi-addons` from 0.9.0 to 0.11.0 - [Release notes](https://github.com/csi-addons/kubernetes-csi-addons/releases) - [Commits](https://github.com/csi-addons/kubernetes-csi-addons/compare/v0.9.0...v0.11.0) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-dependencies - dependency-name: github.com/aws/aws-sdk-go-v2/service/sts dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-dependencies - dependency-name: github.com/kubernetes-csi/csi-lib-utils dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-dependencies - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-dependencies - dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azidentity dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-dependencies - dependency-name: github.com/csi-addons/kubernetes-csi-addons dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
2025-06-14 18:53:35 +00:00 · 2025-01-29 09:37:05 +00:00
parent 72cfaaf3fc
commit 0330a4141c
171 changed files with 5288 additions and 4495 deletions
--- a/vendor/github.com/kubernetes-csi/csi-lib-utils/protosanitizer/protosanitizer.go
+++ b/vendor/github.com/kubernetes-csi/csi-lib-utils/protosanitizer/protosanitizer.go
@ -21,12 +21,10 @@ package protosanitizer
 import (
 	"encoding/json"
 	"fmt"
-	"reflect"
-	"strings"

-	"github.com/golang/protobuf/descriptor"
-	"github.com/golang/protobuf/proto"
-	protobufdescriptor "github.com/golang/protobuf/protoc-gen-go/descriptor"
+	"github.com/container-storage-interface/spec/lib/go/csi"
+	"google.golang.org/protobuf/proto"
+	"google.golang.org/protobuf/reflect/protoreflect"
 )

 // StripSecrets returns a wrapper around the original CSI gRPC message
@ -42,135 +40,81 @@ import (
 // result to logging functions which may or may not end up serializing
 // the parameter depending on the current log level.
 func StripSecrets(msg interface{}) fmt.Stringer {
-	return &stripSecrets{msg, isCSI1Secret}
-}
-
-// StripSecretsCSI03 is like StripSecrets, except that it works
-// for messages based on CSI 0.3 and older. It does not work
-// for CSI 1.0, use StripSecrets for that.
-func StripSecretsCSI03(msg interface{}) fmt.Stringer {
-	return &stripSecrets{msg, isCSI03Secret}
+	return &stripSecrets{msg}
 }

 type stripSecrets struct {
-	msg interface{}
-
-	isSecretField func(field *protobufdescriptor.FieldDescriptorProto) bool
+	msg any
 }

 func (s *stripSecrets) String() string {
-	// First convert to a generic representation. That's less efficient
-	// than using reflect directly, but easier to work with.
-	var parsed interface{}
-	b, err := json.Marshal(s.msg)
-	if err != nil {
-		return fmt.Sprintf("<<json.Marshal %T: %s>>", s.msg, err)
-	}
-	if err := json.Unmarshal(b, &parsed); err != nil {
-		return fmt.Sprintf("<<json.Unmarshal %T: %s>>", s.msg, err)
+	stripped := s.msg
+
+	// also support scalar types like string, int, etc.
+	msg, ok := s.msg.(proto.Message)
+	if ok {
+		stripped = stripMessage(msg.ProtoReflect())
 	}

-	// Now remove secrets from the generic representation of the message.
-	s.strip(parsed, s.msg)
-
-	// Re-encoded the stripped representation and return that.
-	b, err = json.Marshal(parsed)
+	b, err := json.Marshal(stripped)
 	if err != nil {
 		return fmt.Sprintf("<<json.Marshal %T: %s>>", s.msg, err)
 	}
 	return string(b)
 }

-func (s *stripSecrets) strip(parsed interface{}, msg interface{}) {
-	protobufMsg, ok := msg.(descriptor.Message)
-	if !ok {
-		// Not a protobuf message, so we are done.
-		return
+func stripSingleValue(field protoreflect.FieldDescriptor, v protoreflect.Value) any {
+	switch field.Kind() {
+	case protoreflect.MessageKind:
+		return stripMessage(v.Message())
+	case protoreflect.EnumKind:
+		return field.Enum().Values().ByNumber(v.Enum()).Name()
+	default:
+		return v.Interface()
 	}
+}

-	// The corresponding map in the parsed JSON representation.
-	parsedFields, ok := parsed.(map[string]interface{})
-	if !ok {
-		// Probably nil.
-		return
+func stripValue(field protoreflect.FieldDescriptor, v protoreflect.Value) any {
+	if field.IsList() {
+		l := v.List()
+		res := make([]any, l.Len())
+		for i := range l.Len() {
+			res[i] = stripSingleValue(field, l.Get(i))
+		}
+		return res
+	} else if field.IsMap() {
+		m := v.Map()
+		res := make(map[string]any, m.Len())
+		m.Range(func(mk protoreflect.MapKey, v protoreflect.Value) bool {
+			res[mk.String()] = stripSingleValue(field.MapValue(), v)
+			return true
+		})
+		return res
+	} else {
+		return stripSingleValue(field, v)
 	}
+}
+
+func stripMessage(msg protoreflect.Message) map[string]any {
+	stripped := make(map[string]any)

 	// Walk through all fields and replace those with ***stripped*** that
-	// are marked as secret. This relies on protobuf adding "json:" tags
-	// on each field where the name matches the field name in the protobuf
-	// spec (like volume_capabilities). The field.GetJsonName() method returns
-	// a different name (volumeCapabilities) which we don't use.
-	_, md := descriptor.ForMessage(protobufMsg)
-	fields := md.GetField()
-	if fields != nil {
-		for _, field := range fields {
-			if s.isSecretField(field) {
-				// Overwrite only if already set.
-				if _, ok := parsedFields[field.GetName()]; ok {
-					parsedFields[field.GetName()] = "***stripped***"
-				}
-			} else if field.GetType() == protobufdescriptor.FieldDescriptorProto_TYPE_MESSAGE {
-				// When we get here,
-				// the type name is something like ".csi.v1.CapacityRange" (leading dot!)
-				// and looking up "csi.v1.CapacityRange"
-				// returns the type of a pointer to a pointer
-				// to CapacityRange. We need a pointer to such
-				// a value for recursive stripping.
-				typeName := field.GetTypeName()
-				if strings.HasPrefix(typeName, ".") {
-					typeName = typeName[1:]
-				}
-				t := proto.MessageType(typeName)
-				if t == nil || t.Kind() != reflect.Ptr {
-					// Shouldn't happen, but
-					// better check anyway instead
-					// of panicking.
-					continue
-				}
-				v := reflect.New(t.Elem())
-
-				// Recursively strip the message(s) that
-				// the field contains.
-				i := v.Interface()
-				entry := parsedFields[field.GetName()]
-				if slice, ok := entry.([]interface{}); ok {
-					// Array of values, like VolumeCapabilities in CreateVolumeRequest.
-					for _, entry := range slice {
-						s.strip(entry, i)
-					}
-				} else {
-					// Single value.
-					s.strip(entry, i)
-				}
-			}
+	// are marked as secret.
+	msg.Range(func(field protoreflect.FieldDescriptor, v protoreflect.Value) bool {
+		name := field.TextName()
+		if isCSI1Secret(field) {
+			stripped[name] = "***stripped***"
+		} else {
+			stripped[name] = stripValue(field, v)
 		}
-	}
+		return true
+	})
+	return stripped
 }

 // isCSI1Secret uses the csi.E_CsiSecret extension from CSI 1.0 to
 // determine whether a field contains secrets.
-func isCSI1Secret(field *protobufdescriptor.FieldDescriptorProto) bool {
-	ex, err := proto.GetExtension(field.Options, e_CsiSecret)
-	return err == nil && ex != nil && *ex.(*bool)
-}
-
-// Copied from the CSI 1.0 spec (https://github.com/container-storage-interface/spec/blob/37e74064635d27c8e33537c863b37ccb1182d4f8/lib/go/csi/csi.pb.go#L4520-L4527)
-// to avoid a package dependency that would prevent usage of this package
-// in repos using an older version of the spec.
-//
-// Future revision of the CSI spec must not change this extensions, otherwise
-// they will break filtering in binaries based on the 1.0 version of the spec.
-var e_CsiSecret = &proto.ExtensionDesc{
-	ExtendedType:  (*protobufdescriptor.FieldOptions)(nil),
-	ExtensionType: (*bool)(nil),
-	Field:         1059,
-	Name:          "csi.v1.csi_secret",
-	Tag:           "varint,1059,opt,name=csi_secret,json=csiSecret",
-	Filename:      "github.com/container-storage-interface/spec/csi.proto",
-}
-
-// isCSI03Secret relies on the naming convention in CSI <= 0.3
-// to determine whether a field contains secrets.
-func isCSI03Secret(field *protobufdescriptor.FieldDescriptorProto) bool {
-	return strings.HasSuffix(field.GetName(), "_secrets")
+func isCSI1Secret(desc protoreflect.FieldDescriptor) bool {
+	ex := proto.GetExtension(desc.Options(), csi.E_CsiSecret)
+	return ex.(bool)
 }