diff --git a/go.mod b/go.mod index eaf5c90d3b0..6ffb760a32b 100644 --- a/go.mod +++ b/go.mod @@ -1,7 +1,6 @@ module github.com/tektoncd/pipeline go 1.22.7 - toolchain go1.23.4 require ( @@ -21,7 +20,7 @@ require ( github.com/opencontainers/image-spec v1.1.0 github.com/pkg/errors v0.9.1 github.com/sigstore/sigstore v1.8.12 - github.com/spiffe/go-spiffe/v2 v2.4.0 + github.com/spiffe/go-spiffe/v2 v2.5.0 github.com/spiffe/spire-api-sdk v1.11.1 github.com/tektoncd/plumbing v0.0.0-20220817140952-3da8ce01aeeb go.opencensus.io v0.24.0 @@ -132,7 +131,7 @@ require ( github.com/stoewer/go-strcase v1.2.0 // indirect github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect github.com/x448/float16 v0.8.4 // indirect - github.com/zeebo/errs v1.3.0 // indirect + github.com/zeebo/errs v1.4.0 // indirect go.opentelemetry.io/auto/sdk v1.1.0 // indirect go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 // indirect diff --git a/go.sum b/go.sum index 48433052824..4d154499a32 100644 --- a/go.sum +++ b/go.sum @@ -1073,8 +1073,8 @@ github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns= -github.com/spiffe/go-spiffe/v2 v2.4.0 h1:j/FynG7hi2azrBG5cvjRcnQ4sux/VNj8FAVc99Fl66c= -github.com/spiffe/go-spiffe/v2 v2.4.0/go.mod h1:m5qJ1hGzjxjtrkGHZupoXHo/FDWwCB1MdSyBzfHugx0= +github.com/spiffe/go-spiffe/v2 v2.5.0 h1:N2I01KCUkv1FAjZXJMwh95KK1ZIQLYbPfhaxw8WS0hE= +github.com/spiffe/go-spiffe/v2 v2.5.0/go.mod h1:P+NxobPc6wXhVtINNtFjNWGBTreew1GBUCwT2wPmb7g= github.com/spiffe/spire-api-sdk v1.11.1 h1:s5RWwBszfMYsRQTGeB6p93NfYBuwHP0tjHFEj5LHun0= github.com/spiffe/spire-api-sdk v1.11.1/go.mod h1:4uuhFlN6KBWjACRP3xXwrOTNnvaLp1zJs8Lribtr4fI= github.com/src-d/gcfg v1.4.0/go.mod h1:p/UMsR43ujA89BJY9duynAwIpvqEujIH/jFlfL7jWoI= @@ -1152,8 +1152,8 @@ github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5t github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= -github.com/zeebo/errs v1.3.0 h1:hmiaKqgYZzcVgRL1Vkc1Mn2914BbzB0IBxs+ebeutGs= -github.com/zeebo/errs v1.3.0/go.mod h1:sgbWHsvVuTPHcqJJGQ1WhI5KbWlHYz+2+2C/LSEtCw4= +github.com/zeebo/errs v1.4.0 h1:XNdoD/RRMKP7HD0UhJnIzUy74ISdGGxURlYG8HSWSfM= +github.com/zeebo/errs v1.4.0/go.mod h1:sgbWHsvVuTPHcqJJGQ1WhI5KbWlHYz+2+2C/LSEtCw4= go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= diff --git a/vendor/github.com/spiffe/go-spiffe/v2/bundle/jwtbundle/bundle.go b/vendor/github.com/spiffe/go-spiffe/v2/bundle/jwtbundle/bundle.go index ff2fcd71e45..ebd3cacd47b 100644 --- a/vendor/github.com/spiffe/go-spiffe/v2/bundle/jwtbundle/bundle.go +++ b/vendor/github.com/spiffe/go-spiffe/v2/bundle/jwtbundle/bundle.go @@ -3,6 +3,7 @@ package jwtbundle import ( "crypto" "encoding/json" + "errors" "io" "os" "sync" @@ -69,7 +70,7 @@ func Parse(trustDomain spiffeid.TrustDomain, bundleBytes []byte) (*Bundle, error bundle := New(trustDomain) for i, key := range jwks.Keys { if err := bundle.AddJWTAuthority(key.KeyID, key.Key); err != nil { - return nil, jwtbundleErr.New("error adding authority %d of JWKS: %v", i, errs.Unwrap(err)) + return nil, jwtbundleErr.New("error adding authority %d of JWKS: %v", i, errors.Unwrap(err)) } } diff --git a/vendor/github.com/spiffe/go-spiffe/v2/bundle/jwtbundle/doc.go b/vendor/github.com/spiffe/go-spiffe/v2/bundle/jwtbundle/doc.go index ef165d88275..394878e1b2a 100644 --- a/vendor/github.com/spiffe/go-spiffe/v2/bundle/jwtbundle/doc.go +++ b/vendor/github.com/spiffe/go-spiffe/v2/bundle/jwtbundle/doc.go @@ -5,17 +5,17 @@ // // You can create a new bundle for a specific trust domain: // -// td := spiffeid.RequireTrustDomain("example.org") +// td := spiffeid.RequireTrustDomainFromString("example.org") // bundle := jwtbundle.New(td) // // Or you can load it from disk: // -// td := spiffeid.RequireTrustDomain("example.org") +// td := spiffeid.RequireTrustDomainFromString("example.org") // bundle := jwtbundle.Load(td, "bundle.jwks") // // The bundle can be initialized with JWT authorities: // -// td := spiffeid.RequireTrustDomain("example.org") +// td := spiffeid.RequireTrustDomainFromString("example.org") // var jwtAuthorities map[string]crypto.PublicKey = ... // bundle := jwtbundle.FromJWTAuthorities(td, jwtAuthorities) // diff --git a/vendor/github.com/spiffe/go-spiffe/v2/bundle/spiffebundle/bundle.go b/vendor/github.com/spiffe/go-spiffe/v2/bundle/spiffebundle/bundle.go index be176423c1f..13b103e24cc 100644 --- a/vendor/github.com/spiffe/go-spiffe/v2/bundle/spiffebundle/bundle.go +++ b/vendor/github.com/spiffe/go-spiffe/v2/bundle/spiffebundle/bundle.go @@ -4,6 +4,7 @@ import ( "crypto" "crypto/x509" "encoding/json" + "errors" "io" "os" "sync" @@ -106,7 +107,7 @@ func Parse(trustDomain spiffeid.TrustDomain, bundleBytes []byte) (*Bundle, error bundle.AddX509Authority(key.Certificates[0]) case jwtSVIDUse: if err := bundle.AddJWTAuthority(key.KeyID, key.Key); err != nil { - return nil, spiffebundleErr.New("error adding authority %d of JWKS: %v", i, errs.Unwrap(err)) + return nil, spiffebundleErr.New("error adding authority %d of JWKS: %v", i, errors.Unwrap(err)) } } } diff --git a/vendor/github.com/spiffe/go-spiffe/v2/bundle/spiffebundle/doc.go b/vendor/github.com/spiffe/go-spiffe/v2/bundle/spiffebundle/doc.go index 82218f780d2..db9dcde31f0 100644 --- a/vendor/github.com/spiffe/go-spiffe/v2/bundle/spiffebundle/doc.go +++ b/vendor/github.com/spiffe/go-spiffe/v2/bundle/spiffebundle/doc.go @@ -5,17 +5,17 @@ // // You can create a new bundle for a specific trust domain: // -// td := spiffeid.RequireTrustDomain("example.org") +// td := spiffeid.RequireTrustDomainFromString("example.org") // bundle := spiffebundle.New(td) // // Or you can load it from disk: // -// td := spiffeid.RequireTrustDomain("example.org") +// td := spiffeid.RequireTrustDomainFromString("example.org") // bundle := spiffebundle.Load(td, "bundle.json") // // The bundle can be initialized with X.509 or JWT authorities: // -// td := spiffeid.RequireTrustDomain("example.org") +// td := spiffeid.RequireTrustDomainFromString("example.org") // // var x509Authorities []*x509.Certificate = ... // bundle := spiffebundle.FromX509Authorities(td, x509Authorities) diff --git a/vendor/github.com/spiffe/go-spiffe/v2/bundle/x509bundle/doc.go b/vendor/github.com/spiffe/go-spiffe/v2/bundle/x509bundle/doc.go index d8a5d8b893f..889554f822a 100644 --- a/vendor/github.com/spiffe/go-spiffe/v2/bundle/x509bundle/doc.go +++ b/vendor/github.com/spiffe/go-spiffe/v2/bundle/x509bundle/doc.go @@ -5,17 +5,17 @@ // // You can create a new bundle for a specific trust domain: // -// td := spiffeid.RequireTrustDomain("example.org") +// td := spiffeid.RequireTrustDomainFromString("example.org") // bundle := x509bundle.New(td) // // Or you can load it from disk: // -// td := spiffeid.RequireTrustDomain("example.org") +// td := spiffeid.RequireTrustDomainFromString("example.org") // bundle := x509bundle.Load(td, "bundle.pem") // // The bundle can be initialized with X.509 authorities: // -// td := spiffeid.RequireTrustDomain("example.org") +// td := spiffeid.RequireTrustDomainFromString("example.org") // var x509Authorities []*x509.Certificate = ... // bundle := x509bundle.FromX509Authorities(td, x509Authorities) // diff --git a/vendor/github.com/spiffe/go-spiffe/v2/workloadapi/addr.go b/vendor/github.com/spiffe/go-spiffe/v2/workloadapi/addr.go index 6ce0238fe45..a0039b114c4 100644 --- a/vendor/github.com/spiffe/go-spiffe/v2/workloadapi/addr.go +++ b/vendor/github.com/spiffe/go-spiffe/v2/workloadapi/addr.go @@ -22,13 +22,13 @@ func GetDefaultAddress() (string, bool) { // a Workload API endpoint exposed as either a Unix // Domain Socket or TCP socket. func ValidateAddress(addr string) error { - _, err := parseTargetFromStringAddr(addr) + _, err := TargetFromAddress(addr) return err } -// parseTargetFromStringAddr parses the endpoint address and returns a gRPC target +// TargetFromAddress parses the endpoint address and returns a gRPC target // string for dialing. -func parseTargetFromStringAddr(addr string) (string, error) { +func TargetFromAddress(addr string) (string, error) { u, err := url.Parse(addr) if err != nil { return "", errors.New("workload endpoint socket is not a valid URI: " + err.Error()) diff --git a/vendor/github.com/spiffe/go-spiffe/v2/workloadapi/client_posix.go b/vendor/github.com/spiffe/go-spiffe/v2/workloadapi/client_posix.go index 8e91a28fa4c..58738b42e40 100644 --- a/vendor/github.com/spiffe/go-spiffe/v2/workloadapi/client_posix.go +++ b/vendor/github.com/spiffe/go-spiffe/v2/workloadapi/client_posix.go @@ -24,6 +24,6 @@ func (c *Client) setAddress() error { } var err error - c.config.address, err = parseTargetFromStringAddr(c.config.address) + c.config.address, err = TargetFromAddress(c.config.address) return err } diff --git a/vendor/github.com/spiffe/go-spiffe/v2/workloadapi/client_windows.go b/vendor/github.com/spiffe/go-spiffe/v2/workloadapi/client_windows.go index fb628fccc1d..0a142666826 100644 --- a/vendor/github.com/spiffe/go-spiffe/v2/workloadapi/client_windows.go +++ b/vendor/github.com/spiffe/go-spiffe/v2/workloadapi/client_windows.go @@ -45,7 +45,7 @@ func (c *Client) setAddress() error { c.config.dialOptions = append(c.config.dialOptions, grpc.WithContextDialer(winio.DialPipeContext)) } - c.config.address, err = parseTargetFromStringAddr(c.config.address) + c.config.address, err = TargetFromAddress(c.config.address) return err } diff --git a/vendor/github.com/zeebo/errs/AUTHORS b/vendor/github.com/zeebo/errs/AUTHORS index a970ee57732..6246e7403d5 100644 --- a/vendor/github.com/zeebo/errs/AUTHORS +++ b/vendor/github.com/zeebo/errs/AUTHORS @@ -1,4 +1,5 @@ Egon Elbre Jeff Wendling JT Olio -Kaloyan Raev \ No newline at end of file +Kaloyan Raev +paul cannon diff --git a/vendor/github.com/zeebo/errs/README.md b/vendor/github.com/zeebo/errs/README.md index be6bc0b4065..0f72bf7b012 100644 --- a/vendor/github.com/zeebo/errs/README.md +++ b/vendor/github.com/zeebo/errs/README.md @@ -152,7 +152,7 @@ func checkForNeatThings() { } ``` -It knows about both the `Cause() error` and `Unwrap() error` methods that are +It knows about both the `Unwrap() error` and `Unwrap() []error` methods that are often used in the community, and will call them as many times as possible. ### Defer diff --git a/vendor/github.com/zeebo/errs/errs.go b/vendor/github.com/zeebo/errs/errs.go index fec20c60721..9a42e3da87e 100644 --- a/vendor/github.com/zeebo/errs/errs.go +++ b/vendor/github.com/zeebo/errs/errs.go @@ -14,16 +14,11 @@ type Namer interface{ Name() (string, bool) } // Causer is implemented by all errors returned in this package. It returns // the underlying cause of the error, or nil if there is no underlying cause. +// +// Deprecated: check for the 'Unwrap()' interface from the stdlib errors package +// instead. type Causer interface{ Cause() error } -// unwrapper is implemented by all errors returned in this package. It returns -// the underlying cause of the error, or nil if there is no underlying error. -type unwrapper interface{ Unwrap() error } - -// ungrouper is implemented by combinedError returned in this package. It -// returns all underlying errors, or nil if there is no underlying error. -type ungrouper interface{ Ungroup() []error } - // New returns an error not contained in any class. This is the same as calling // fmt.Errorf(...) except it captures a stack trace on creation. func New(format string, args ...interface{}) error { @@ -45,23 +40,38 @@ func WrapP(err *error) { } } -// Often, we call Cause as much as possible. Since comparing arbitrary +// Often, we call Unwrap as much as possible. Since comparing arbitrary // interfaces with equality isn't panic safe, we only loop up to 100 // times to ensure that a poor implementation that causes a cycle does // not run forever. -const maxCause = 100 +const maxUnwrap = 100 -// Unwrap returns the underlying error, if any, or just the error. +// Unwrap returns the final, most underlying error, if any, or just the error. +// +// Deprecated: Prefer errors.Is() and errors.As(). func Unwrap(err error) error { - for i := 0; err != nil && i < maxCause; i++ { + for i := 0; err != nil && i < maxUnwrap; i++ { var nerr error switch e := err.(type) { case Causer: nerr = e.Cause() - case unwrapper: + case interface{ Unwrap() error }: nerr = e.Unwrap() + + case interface{ Ungroup() []error }: + // consider the first error to be the "main" error. + errs := e.Ungroup() + if len(errs) > 0 { + nerr = errs[0] + } + case interface{ Unwrap() []error }: + // consider the first error to be the "main" error. + errs := e.Unwrap() + if len(errs) > 0 { + nerr = errs[0] + } } if nerr == nil { @@ -75,81 +85,47 @@ func Unwrap(err error) error { // Classes returns all the classes that have wrapped the error. func Classes(err error) (classes []*Class) { - causes := 0 - for { - switch e := err.(type) { - case *errorT: - if e.class != nil { - classes = append(classes, e.class) - } - err = e.err - continue - - case Causer: - err = e.Cause() - - case unwrapper: - err = e.Unwrap() - - default: - return classes - } - - if causes >= maxCause { - return classes + IsFunc(err, func(err error) bool { + if e, ok := err.(*errorT); ok { + classes = append(classes, e.class) } - causes++ - } -} - -// Is checks if any of the underlying errors matches target -func Is(err, target error) bool { - return IsFunc(err, func(err error) bool { - return err == target + return false }) + return classes } // IsFunc checks if any of the underlying errors matches the func func IsFunc(err error, is func(err error) bool) bool { - causes := 0 - errs := []error{err} - - for len(errs) > 0 { - var next []error - for _, err := range errs { - if is(err) { - return true - } + for { + if is(err) { + return true + } - switch e := err.(type) { - case ungrouper: - ungrouped := e.Ungroup() - for _, unerr := range ungrouped { - if unerr != nil { - next = append(next, unerr) - } - } - case Causer: - cause := e.Cause() - if cause != nil { - next = append(next, cause) + switch u := err.(type) { + case interface{ Unwrap() error }: + err = u.Unwrap() + case Causer: + err = u.Cause() + + case interface{ Ungroup() []error }: + for _, err := range u.Ungroup() { + if IsFunc(err, is) { + return true } - case unwrapper: - unwrapped := e.Unwrap() - if unwrapped != nil { - next = append(next, unwrapped) + } + return false + case interface{ Unwrap() []error }: + for _, err := range u.Unwrap() { + if IsFunc(err, is) { + return true } } + return false - if causes >= maxCause { - return false - } - causes++ + default: + return false } - errs = next } - - return false } // @@ -160,7 +136,8 @@ func IsFunc(err error, is func(err error) bool) bool { // errors are part of the class. type Class string -// Has returns true if the passed in error was wrapped by this class. +// Has returns true if the passed in error (or any error wrapped by it) has +// this class. func (c *Class) Has(err error) bool { return IsFunc(err, func(err error) bool { errt, ok := err.(*errorT) @@ -188,6 +165,22 @@ func (c *Class) WrapP(err *error) { } } +// Instance creates a class membership object which implements the error +// interface and allows errors.Is() to check whether given errors are +// (or contain) an instance of this class. +// +// This makes possible a construct like the following: +// +// if errors.Is(err, MyClass.Instance()) { +// fmt.Printf("err is an instance of MyClass") +// } +// +// ..without requiring the Class type to implement the error interface itself, +// as that would open the door to sundry misunderstandings and misusage. +func (c *Class) Instance() error { + return (*classMembershipChecker)(c) +} + // create constructs the error, or just adds the class to the error, keeping // track of the stack if it needs to construct it. func (c *Class) create(depth int, err error) error { @@ -218,6 +211,12 @@ func (c *Class) create(depth int, err error) error { return errt } +type classMembershipChecker Class + +func (cmc *classMembershipChecker) Error() string { + panic("classMembershipChecker used as concrete error! don't do that") +} + // // errors // @@ -259,15 +258,13 @@ func (e *errorT) Format(f fmt.State, c rune) { } } -// Cause implements the interface wrapping errors are expected to implement -// to allow getting at underlying causes. +// Cause implements the interface wrapping errors were previously +// expected to implement to allow getting at underlying causes. func (e *errorT) Cause() error { return e.err } -// Unwrap implements the draft design for error inspection. Since this is -// on an unexported type, it should not be hard to maintain going forward -// given that it also is the exact same semantics as Cause. +// Unwrap returns the immediate underlying error. func (e *errorT) Unwrap() error { return e.err } @@ -280,6 +277,14 @@ func (e *errorT) Name() (string, bool) { return string(*e.class), true } +// Is determines whether an error is an instance of the given error class. +// +// Use with (*Class).Instance(). +func (e *errorT) Is(err error) bool { + cmc, ok := err.(*classMembershipChecker) + return ok && e.class == (*Class)(cmc) +} + // summarizeStack writes stack line entries to the writer. func summarizeStack(w io.Writer, pcs []uintptr) { frames := runtime.CallersFrames(pcs) diff --git a/vendor/github.com/zeebo/errs/group.go b/vendor/github.com/zeebo/errs/group.go index e5997ec55d7..22b824aaf86 100644 --- a/vendor/github.com/zeebo/errs/group.go +++ b/vendor/github.com/zeebo/errs/group.go @@ -56,23 +56,8 @@ func (group Group) sanitize() Group { // combinedError is a list of non-empty errors type combinedError []error -// Cause returns the first error. -func (group combinedError) Cause() error { - if len(group) > 0 { - return group[0] - } - return nil -} - // Unwrap returns the first error. -func (group combinedError) Unwrap() error { - return group.Cause() -} - -// Ungroup returns all errors. -func (group combinedError) Ungroup() []error { - return group -} +func (group combinedError) Unwrap() []error { return group } // Error returns error string delimited by semicolons. func (group combinedError) Error() string { return fmt.Sprintf("%v", group) } diff --git a/vendor/github.com/zeebo/errs/is_go1.20.go b/vendor/github.com/zeebo/errs/is_go1.20.go new file mode 100644 index 00000000000..6f8799aa482 --- /dev/null +++ b/vendor/github.com/zeebo/errs/is_go1.20.go @@ -0,0 +1,8 @@ +//go:build go1.20 + +package errs + +import "errors" + +// Is checks if any of the underlying errors matches target +func Is(err, target error) bool { return errors.Is(err, target) } diff --git a/vendor/github.com/zeebo/errs/is_go_other.go b/vendor/github.com/zeebo/errs/is_go_other.go new file mode 100644 index 00000000000..92f3b5b61f8 --- /dev/null +++ b/vendor/github.com/zeebo/errs/is_go_other.go @@ -0,0 +1,17 @@ +//go:build !go1.20 +// +build !go1.20 + +package errs + +// Is checks if any of the underlying errors matches target +func Is(err, target error) bool { + return IsFunc(err, func(err error) bool { + if err == target { + return true + } + if x, ok := err.(interface{ Is(error) bool }); ok && x.Is(target) { + return true + } + return false + }) +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 25f5d7ed60b..34c9a097c17 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -917,8 +917,8 @@ github.com/skeema/knownhosts # github.com/spf13/pflag v1.0.5 ## explicit; go 1.12 github.com/spf13/pflag -# github.com/spiffe/go-spiffe/v2 v2.4.0 -## explicit; go 1.21 +# github.com/spiffe/go-spiffe/v2 v2.5.0 +## explicit; go 1.22.11 github.com/spiffe/go-spiffe/v2/bundle/jwtbundle github.com/spiffe/go-spiffe/v2/bundle/spiffebundle github.com/spiffe/go-spiffe/v2/bundle/x509bundle @@ -962,7 +962,7 @@ github.com/x448/float16 # github.com/xanzy/ssh-agent v0.3.3 ## explicit; go 1.16 github.com/xanzy/ssh-agent -# github.com/zeebo/errs v1.3.0 +# github.com/zeebo/errs v1.4.0 ## explicit; go 1.12 github.com/zeebo/errs # go.opencensus.io v0.24.0