The webserver at layeh.com seems to be misbehaving, which causes `go mod
verify` to fail. The layeh.com/radius repository is maintained on
GitHub, so the sources can be vendored/verified from there too.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
The github.com/hashicorp/vault/sdk was listed in the replace section,
most likely because using a newer version failed. By adding a missing
tagged version to the `exclude` section in go.mod, updating the package
works fine.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
This initial version of yamlgen generates deploy/scc.yaml based on the
deployment artifact that is provided by the new api/deploy/ocp package.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
This commit also fixes k8s.io/cloud-providers v0.22.2,
instead of v1.22.1 which does not exist and was overrided
in replace.
Signed-off-by: Rakshith R <rar@redhat.com>
google.golang.org/grpc was listed in go.mod:replace and updating the
dependency was not possible. There should not be a reason to prevent
updating, commit 5aca04d540 added it but without explanation.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Dependabot can not update the dependencies for k8s.io/kubernetes
correctly. Helping the bot out with this additional commit.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
There is a problem accessing the code.cloudfoundry.org web service iver
TLS. It seems to redirect to GitHub, so use the package from there:
running: go mod verify
go: github.com/libopenstorage/secrets@v0.0.0-20210709082113-dde442ea20ec requires
github.com/hashicorp/vault@v1.4.2 requires
github.com/hashicorp/vault-plugin-auth-cf@v0.5.4 requires
github.com/cloudfoundry-community/go-cfclient@v0.0.0-20190201205600-f136f9222381 requires
code.cloudfoundry.org/gofileutils@v0.0.0-20170111115228-4d0c80011a0f: unrecognized import path "code.cloudfoundry.org/gofileutils": https fetch: Get "https://code.cloudfoundry.org/gofileutils?go-get=1": x509: certificate signed by unknown authority
Signed-off-by: Niels de Vos <ndevos@redhat.com>
The `make containerized-test TARGET=mod-check` jobs fail because the web
service at gomodules.xyz is not behaving correctly at the moment:
running: go mod verify
go: sigs.k8s.io/controller-runtime@v0.9.2 requires
gomodules.xyz/jsonpatch/v2@v2.2.0: unrecognized import path "gomodules.xyz/jsonpatch/v2": reading https://gomodules.xyz/jsonpatch/v2?go-get=1: 404 Not Found
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Kubernetes v1.22 version has been released and this update
ceph csi dependencies to use the same version.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
libopenstorage has added a new feature that makes it possible to destroy
the contents of a key/value in the Hashicorp Vault kv-v2 secrets backend.
See-also: https://github.com/libopenstorage/secrets/pull/55
Signed-off-by: Niels de Vos <ndevos@redhat.com>
This commit updates controller-runtime to v0.9.2 and
makes changes in persistentvolume.go to add context to
various functions and function calls made here instead of
context.TODO().
Signed-off-by: Rakshith R <rar@redhat.com>
Updated kubernetes packages to latest release.
resizefs package has been included into k8s.io/mount-utils
package. updated code to use the same.
Updates: #1968
Signed-off-by: Rakshith R <rar@redhat.com>
At present e2e snapshot code make use of snapshot v1beta1 api and client
This patch address the same and snapshot api clientset/apis are updated
to v1 version.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
client-go 1.20.6 has a fix for below CVE: This patch address this
via updating client-go and other dependencies.
CVE-2019-11250 : The MITRE CVE dictionary describes this issue as:
The Kubernetes client-go library logs request headers at verbosity
levels of 7 or higher. This can disclose credentials to unauthorized
users via logs or command output. Kubernetes components (such as
kube-apiserver) prior to v1.16.0, which make use of basic or bearer
token authentication, and run at high verbosity levels, are affected.
Ref# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11250
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
as the org github.com/kube-storage is renamed
to github.com/csi-addons as the name kube-storage
was more generic.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
added github.com/kube-storage/replication-lib-utils
to the vendor directory which is required to avoid
secret logging in GRPC.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
The new SecretsMetadataKMS provider encrypts/decrypts DEKs as they are
stored in the metadata of volumes. The encryption/decryption uses
golang.org/x/crypto/scrypt to generate the encryption key from a
passphrase.
While vendoring golang.org/x/crypto, already vendored sub-packages have
been updated.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Uses github.com/libopenstorage/secrets to communicate with Vault. This
removes the need for maintaining our own limited Vault APIs.
By adding the new dependency, several other packages got updated in the
process. Unused indirect dependencies have been removed from go.mod.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Updating the version of golang.org/x/text to version v0.3.3.
It fixes the vulnerability in http://golang.org/x/text/encoding/unicode
which leads UTF-16 decoder entering an infinite loop causing
the program to crash or run out of memory.
Signed-off-by: Mudit Agarwal <muagarwa@redhat.com>
This spec add the extra capability to node and controller
volume to report volume condition of a pv..etc.
Refer # https://github.com/ceph/ceph-csi/issues/1356
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
as go-ceph is 0.5.0 is released updating
the dependency to latest release.
more info about release at
https://github.com/ceph/go-ceph/releases/tag/v0.5.0
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
This fix is needed because we were hitting:
```
vbom.ml/util@v0.0.0-20180919145318-efcd4e0f9787:
unrecognized import path "vbom.ml/util":
reading https://vbom.ml/util?go-get=1: 503 Service Unavailable
```
Source for the workaround:
golang/dep#1169
The fix consists in simply enforcing what the redirect was supposed to
do.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
There is no direct dependency on "github.com/pkg/errors" anymore, so it
can be removed from go.mod.
After running `go mod tidy`, the "github.com/pkg/errors" gets downgraded
to a version that is referenced in other depndencies. This was
unexpected, but seems needed.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
The go-ceph version 0.4.0 is available now which got some important
library changes required for ceph csi project.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
v0.3.0 adds support for rbd.FeatureSet that can be used to parse the
features of an RBD image. This will be used in the followup commit that
adds rbdVolume.getImageInfo().
Signed-off-by: Niels de Vos <ndevos@redhat.com>
