diff --git a/go.mod b/go.mod index 36e79a0f8b6..b9b96235ba7 100644 --- a/go.mod +++ b/go.mod @@ -47,10 +47,10 @@ require ( k8s.io/apiserver v0.28.5 k8s.io/client-go v0.28.5 k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 - knative.dev/hack v0.0.0-20240111013919-e89096d74d85 - knative.dev/hack/schema v0.0.0-20240111013919-e89096d74d85 + knative.dev/hack v0.0.0-20240123162936-f3f03ac0ab1a + knative.dev/hack/schema v0.0.0-20240123162936-f3f03ac0ab1a knative.dev/pkg v0.0.0-20240116073220-b488e7be5902 - knative.dev/reconciler-test v0.0.0-20240116084801-50276dfba7b3 + knative.dev/reconciler-test v0.0.0-20240228213824-a2d9404ca4e7 sigs.k8s.io/yaml v1.4.0 ) diff --git a/go.sum b/go.sum index 096e102d801..66d45e3c5c7 100644 --- a/go.sum +++ b/go.sum @@ -877,14 +877,14 @@ k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5Ohx k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk= k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -knative.dev/hack v0.0.0-20240111013919-e89096d74d85 h1:ERgPObDcW9LfaEPAeFvbW3UJcF3C3ul6B2ErNMv13OE= -knative.dev/hack v0.0.0-20240111013919-e89096d74d85/go.mod h1:yk2OjGDsbEnQjfxdm0/HJKS2WqTLEFg/N6nUs6Rqx3Q= -knative.dev/hack/schema v0.0.0-20240111013919-e89096d74d85 h1:AfUz+uoqer5Hod3mtxEHMoYUq6yEX1vLP98Ln/TYA7U= -knative.dev/hack/schema v0.0.0-20240111013919-e89096d74d85/go.mod h1:3pWwBLnTZSM9psSgCAvhKOHIPTzqfEMlWRpDu6IYhK0= +knative.dev/hack v0.0.0-20240123162936-f3f03ac0ab1a h1:+4Mdk0Lt3LGAVEI6vYyhfjBlVBx7sqS4wECtTkuXoSY= +knative.dev/hack v0.0.0-20240123162936-f3f03ac0ab1a/go.mod h1:yk2OjGDsbEnQjfxdm0/HJKS2WqTLEFg/N6nUs6Rqx3Q= +knative.dev/hack/schema v0.0.0-20240123162936-f3f03ac0ab1a h1:9FY/uq1m9K+Ig9tt4yAry1VA4YLgFYSkegnFBv4x0aE= +knative.dev/hack/schema v0.0.0-20240123162936-f3f03ac0ab1a/go.mod h1:3pWwBLnTZSM9psSgCAvhKOHIPTzqfEMlWRpDu6IYhK0= knative.dev/pkg v0.0.0-20240116073220-b488e7be5902 h1:H6+JJN23fhwYWCHY1339sY6uhIyoUwDy1a8dN233fdk= knative.dev/pkg v0.0.0-20240116073220-b488e7be5902/go.mod h1:NYk8mMYoLkO7CQWnNkti4YGGnvLxN6MIDbUvtgeo0C0= -knative.dev/reconciler-test v0.0.0-20240116084801-50276dfba7b3 h1:YgmYC7C3CH1urEryPvgS1PmVi6PZG2fXqGWDQ0snib4= -knative.dev/reconciler-test v0.0.0-20240116084801-50276dfba7b3/go.mod h1:PdI3uCI/8URA+hyBvWqZ2pwCIvX/4/nqCNsdW1cQauM= +knative.dev/reconciler-test v0.0.0-20240228213824-a2d9404ca4e7 h1:nw0ZbYpCwmYIm9zT5VoQ/JFAAUOcQ04wGv/ODh6tyc0= +knative.dev/reconciler-test v0.0.0-20240228213824-a2d9404ca4e7/go.mod h1:PdI3uCI/8URA+hyBvWqZ2pwCIvX/4/nqCNsdW1cQauM= pgregory.net/rapid v1.1.0 h1:CMa0sjHSru3puNx+J0MIAuiiEV4N0qj8/cMWGBBCsjw= pgregory.net/rapid v1.1.0/go.mod h1:PY5XlDGj0+V1FCq0o192FdRhpKHGTRIWBgqjDBTrq04= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= diff --git a/vendor/knative.dev/hack/release.sh b/vendor/knative.dev/hack/release.sh index 256ae40d0ea..cbc20f69016 100644 --- a/vendor/knative.dev/hack/release.sh +++ b/vendor/knative.dev/hack/release.sh @@ -675,8 +675,8 @@ function set_latest_to_highest_semver() { abort "cannot get relase id from github" fi - hub_tool api --method PATCH "/repos/knative/serving/releases/$release_id" \ - -F make_latest=true > /dev/null || abort "error settomg $last_version to 'latest'" + hub_tool api --method PATCH "/repos/${ORG_NAME}/${REPO_NAME}/releases/$release_id" \ + -F make_latest=true > /dev/null || abort "error setting $last_version to 'latest'" echo "Github release ${last_version} set as 'latest'" } diff --git a/vendor/knative.dev/reconciler-test/pkg/eventshub/assert/step.go b/vendor/knative.dev/reconciler-test/pkg/eventshub/assert/step.go index 2bbff311c55..21464fc8a5d 100644 --- a/vendor/knative.dev/reconciler-test/pkg/eventshub/assert/step.go +++ b/vendor/knative.dev/reconciler-test/pkg/eventshub/assert/step.go @@ -1,8 +1,10 @@ package assert import ( + "bytes" "context" "encoding/json" + "encoding/pem" "fmt" cetest "github.com/cloudevents/sdk-go/v2/test" @@ -144,13 +146,40 @@ func MatchPeerCertificatesFromSecret(namespace, name string, key string) eventsh return fmt.Errorf("failed to match peer certificates, connection is not TLS") } - for _, cert := range info.Connection.TLS.PemPeerCertificates { - if cert == string(value) { - return nil + // secret value can, in general, be a certificate chain (a sequence of PEM-encoded certificate blocks) + valueBlock, valueRest := pem.Decode(value) + if valueBlock == nil { + // error if there's not even a single certificate in the value + return fmt.Errorf("failed to decode secret certificate:\n%s", string(value)) + } + // for each certificate in the chain, check if it's present in info.Connection.TLS.PemPeerCertificates + for valueBlock != nil { + found := false + for _, cert := range info.Connection.TLS.PemPeerCertificates { + certBlock, _ := pem.Decode([]byte(cert)) + if certBlock == nil { + return fmt.Errorf("failed to decode peer certificate:\n%s", cert) + } + + if certBlock.Type == valueBlock.Type && string(certBlock.Bytes) == string(valueBlock.Bytes) { + found = true + break + } + } + + if !found { + pemBytes, _ := json.MarshalIndent(info.Connection.TLS.PemPeerCertificates, "", " ") + return fmt.Errorf("failed to find peer certificate with value\n%s\nin:\n%s", string(value), string(pemBytes)) } + + valueBlock, valueRest = pem.Decode(valueRest) + } + + // any non-whitespace suffix not parsed as a PEM is suspicious, so we treat it as an error: + if "" != string(bytes.TrimSpace(valueRest)) { + return fmt.Errorf("failed to decode secret certificate starting with\n%s\nin:\n%s", string(valueRest), string(value)) } - bytes, _ := json.MarshalIndent(info.Connection.TLS.PemPeerCertificates, "", " ") - return fmt.Errorf("failed to find peer certificate with value\n%s\nin:\n%s", string(value), string(bytes)) + return nil } } diff --git a/vendor/knative.dev/reconciler-test/pkg/eventshub/forwarder/forwarder.go b/vendor/knative.dev/reconciler-test/pkg/eventshub/forwarder/forwarder.go index 083128ca45f..8d755187e83 100644 --- a/vendor/knative.dev/reconciler-test/pkg/eventshub/forwarder/forwarder.go +++ b/vendor/knative.dev/reconciler-test/pkg/eventshub/forwarder/forwarder.go @@ -26,6 +26,7 @@ import ( "time" cloudevents "github.com/cloudevents/sdk-go/v2" + "github.com/cloudevents/sdk-go/v2/binding" cloudeventsbindings "github.com/cloudevents/sdk-go/v2/binding" "go.opencensus.io/trace" "go.uber.org/zap" @@ -171,6 +172,11 @@ func (o *Forwarder) ServeHTTP(writer http.ResponseWriter, request *http.Request) } req.URL = u + err = cehttp.WriteRequest(requestCtx, binding.ToMessage(event), req) + if err != nil { + logging.FromContext(o.ctx).Error("Cannot write the event to request: ", err) + } + eventString := "unknown" if event != nil { eventString = event.String() diff --git a/vendor/modules.txt b/vendor/modules.txt index 5acb686ae66..8277035a998 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1226,10 +1226,10 @@ k8s.io/utils/net k8s.io/utils/pointer k8s.io/utils/strings/slices k8s.io/utils/trace -# knative.dev/hack v0.0.0-20240111013919-e89096d74d85 +# knative.dev/hack v0.0.0-20240123162936-f3f03ac0ab1a ## explicit; go 1.18 knative.dev/hack -# knative.dev/hack/schema v0.0.0-20240111013919-e89096d74d85 +# knative.dev/hack/schema v0.0.0-20240123162936-f3f03ac0ab1a ## explicit; go 1.18 knative.dev/hack/schema/commands knative.dev/hack/schema/docs @@ -1385,7 +1385,7 @@ knative.dev/pkg/webhook/resourcesemantics knative.dev/pkg/webhook/resourcesemantics/conversion knative.dev/pkg/webhook/resourcesemantics/defaulting knative.dev/pkg/webhook/resourcesemantics/validation -# knative.dev/reconciler-test v0.0.0-20240116084801-50276dfba7b3 +# knative.dev/reconciler-test v0.0.0-20240228213824-a2d9404ca4e7 ## explicit; go 1.20 knative.dev/reconciler-test/cmd/eventshub knative.dev/reconciler-test/pkg/environment